Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Sudden MS announcement!

Twice in the last week, when I open MS Edge, I am confronted with an obvious malware screen telling me (in audio) that there are problems with my system and that closing this message will disable my computer. The screen CANNOT be closed; you have to reboot (which I do, knowing it's just malware).

I have run Avast FULL scan twice, and Malwarebytes also twice, and they find nothing.

What the he** is this thing and how has it gotten onto my computer?

Computer is not performing as well as it should.

I have a Windows 10 computer with Avast Free Antivirus on it. While it says I am fully protected and a scan finds nothing suspicious, the computer seems not to work as well as it used to. I have done those two scans, and hopefully from them you might advise me what I can do or what you think I should do.
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 11.0.17134.1
Run by Lorraine at 21:20:26 on 2018-06-07
Microsoft Windows 10 Pro 10.0.17134.0.1252.61.2057.18.3543.1657 [GMT 10:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ================
.
C:\WINDOWS\system32\fontdrvhost.exe
C:\Program Files\AVAST Software\Avast Cleanup\TuneupSvc.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\DllHost.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppVShNotify.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Avast Driver Updater\Avast Driver Updater.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\DllHost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x86__kzf8qxf38zg5c\SkypeHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\AVAST Software\Avast Cleanup\TuneupUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\system32\DllHost.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x86__8wekyb3d8bbwe\HxTsr.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15912.0_x86__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\notepad.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files\Mozilla Thunderbird\thunderbird.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\conhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uRun: [OneDrive] "c:\users\lorraine\appdata\local\microsoft\onedrive\OneDrive.exe" /background
mRun: [SecurityHealth] c:\program files\windows defender\MSASCuiL.exe
mRun: [AvastUI.exe] "c:\program files\avast software\avast\AvLaunch.exe" /gui
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\avastc~1.lnk - c:\program files\avast software\avast cleanup\TuneupUI.exe
uPolicies-Explorer: NoResolveTrack = dword:1
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Se&nd to OneNote - c:\program files\microsoft office\root\office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\program files\microsoft office\root\office16\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - c:\program files\microsoft office\root\office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 10.0.0.138
TCP: Interfaces\{1942f4a6-0579-4be6-a8ad-4494518953b3} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{43e5cc1d-c2ec-4047-8e3e-c97d38124723} : DHCPNameServer = 10.0.0.138
TCP: Interfaces\{7bb8e738-88b2-4b8d-afe3-462a00723f31} : DHCPNameServer = 10.0.0.138
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - c:\program files\microsoft office\root\vfs\programfilescommonx86\microsoft shared\office16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - c:\program files\microsoft office\root\office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\system32\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - c:\windows\system32\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli c:\program files\truekey\McAfeeTrueKeyPasswordFilter
LSA: Security Packages = ""
mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "c:\program files\google\chrome\application\66.0.3359.181\installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - c:\windows\system32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswbidsh;aswbidsh;c:\windows\system32\drivers\aswbidshx.sys [2017-12-6 157368]
R0 aswblog;aswblog;c:\windows\system32\drivers\aswblogx.sys [2017-12-6 276688]
R0 aswbuniv;aswbuniv;c:\windows\system32\drivers\aswbunivx.sys [2017-12-6 50336]
R0 aswRvrt;aswRvrt;c:\windows\system32\drivers\aswRvrt.sys [2017-12-6 71840]
R0 aswVmm;aswVmm;c:\windows\system32\drivers\aswVmm.sys [2017-12-6 310784]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;c:\windows\system32\drivers\intelpep.sys [2018-4-12 159272]
R0 iorate;Disk I/O Rate Filter Driver;c:\windows\system32\drivers\iorate.sys [2018-4-12 44440]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;c:\windows\system32\drivers\mssecflt.sys [2018-4-12 219032]
R0 volume;Volume driver;c:\windows\system32\drivers\volume.sys [2018-4-12 14240]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;c:\windows\system32\drivers\WindowsTrustedRT.sys [2018-4-12 54312]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;c:\windows\system32\drivers\WindowsTrustedRTProxy.sys [2018-4-12 15400]
R0 Wof;Windows Overlay File System Filter Driver;c:\windows\system32\drivers\wof.sys [2018-4-12 175520]
R1 afunix;afunix;c:\windows\system32\drivers\afunix.sys [2018-4-12 29696]
R1 ahcache;Application Compatibility Cache;c:\windows\system32\drivers\ahcache.sys [2018-4-12 210432]
R1 aswArPot;aswArPot;c:\windows\system32\drivers\aswArPot.sys [2017-12-6 167040]
R1 aswbidsdriver;aswbidsdriver;c:\windows\system32\drivers\aswbidsdriverx.sys [2017-12-6 185432]
R1 aswHdsKe;aswHdsKe;c:\windows\system32\drivers\aswHdsKe.sys [2018-5-21 184632]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2017-12-6 784112]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2017-12-6 392368]
R1 bam;Background Activity Moderator Driver;c:\windows\system32\drivers\bam.sys [2018-4-12 49560]
R1 FileCrypt;FileCrypt;c:\windows\system32\drivers\filecrypt.sys [2018-4-12 45056]
R1 GpuEnergyDrv;GPU Energy Driver;c:\windows\system32\drivers\gpuenergydrv.sys [2018-4-12 7680]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2017-12-6 133160]
R2 aswStm;aswStm;c:\windows\system32\drivers\aswStm.sys [2017-12-6 152344]
R2 avast! Antivirus;Avast Antivirus;c:\program files\avast software\avast\AvastSvc.exe [2018-5-12 317280]
R2 CDPSvc;Connected Devices Platform Service;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
R2 CDPUserSvc_b26ca51;Connected Devices Platform User Service_b26ca51;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2018-4-12 44520]
R2 CldFlt;Windows Cloud Files Filter Driver;c:\windows\system32\drivers\cldflt.sys [2018-4-12 336384]
R2 CleanupPSvc;Avast Cleanup Premium;c:\program files\avast software\avast cleanup\TuneupSvc.exe [2017-11-21 8633072]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;c:\program files\common files\microsoft shared\clicktorun\OfficeClickToRun.exe [2017-8-13 5793960]
R2 CoreMessagingRegistrar;CoreMessaging;c:\windows\system32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-12 44520]
R2 DiagTrack;Connected User Experiences and Telemetry;c:\windows\system32\svchost.exe -k utcsvc -p [2018-4-12 44520]
R2 DusmSvc;Data Usage;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
R2 OneSyncSvc_b26ca51;Sync Host_b26ca51;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2018-4-12 44520]
R2 SecurityHealthService;Windows Defender Security Centre Service;c:\windows\system32\SecurityHealthService.exe [2018-4-12 626040]
R2 storqosflt;Storage QoS Filter Driver;c:\windows\system32\drivers\storqosflt.sys [2018-4-12 65024]
R2 UserManager;User Manager;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
R2 UsoSvc;Update Orchestrator Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
R2 wcifs;Windows Container Isolation;c:\windows\system32\drivers\wcifs.sys [2018-4-12 119192]
R2 WpnService;Windows Push Notifications System Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
R2 WpnUserService_b26ca51;Windows Push Notifications User Service_b26ca51;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2018-4-12 44520]
R3 aswbIDSAgent;aswbIDSAgent;c:\program files\avast software\avast\aswidsagent.exe [2018-5-12 5963368]
R3 camsvc;Capability Access Manager Service;c:\windows\system32\svchost.exe -k appmodel -p [2018-4-12 44520]
R3 DoSvc;Delivery Optimization;c:\windows\system32\svchost.exe -k NetworkService -p [2018-4-12 44520]
R3 DsSvc;Data Sharing Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
R3 lfsvc;Geolocation Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
R3 LicenseManager;Windows License Manager Service;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
R3 NcbService;Network Connection Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;c:\windows\system32\drivers\NdisVirtualBus.sys [2018-4-12 15872]
R3 PimIndexMaintenanceSvc_b26ca51;Contact Data_b26ca51;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2018-4-12 44520]
R3 SEMgrSvc;Payments and NFC/SE Manager;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
R3 SensorService;Sensor Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
R3 StateRepository;State Repository Service;c:\windows\system32\svchost.exe -k appmodel -p [2018-4-12 44520]
R3 TimeBrokerSvc;Time Broker;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
R3 TokenBroker;Web Account Manager;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
R3 UnistoreSvc_b26ca51;User Data Storage_b26ca51;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2018-4-12 44520]
R3 UserDataSvc_b26ca51;User Data Access_b26ca51;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2018-4-12 44520]
R3 WaaSMedicSvc;Windows Update Medic Service;c:\windows\system32\svchost.exe -k wusvcs -p [2018-4-12 44520]
R3 wcnfs;Windows Container Name Virtualization;c:\windows\system32\drivers\wcnfs.sys [2018-4-12 65024]
R3 wisvc;Windows Insider Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S2 MapsBroker;Downloaded Maps Manager;c:\windows\system32\svchost.exe -k NetworkService -p [2018-4-12 44520]
S2 SkypeUpdate;Skype Updater;c:\program files\skype\updater\Updater.exe [2017-7-18 317408]
S3 AcpiDev;ACPI Devices driver;c:\windows\system32\drivers\AcpiDev.sys [2018-4-12 13312]
S3 ADP80XX;ADP80XX;c:\windows\system32\drivers\adp80xx.sys [2018-4-12 1038232]
S3 AJRouter;AllJoyn Router Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
S3 applockerfltr;Smartlocker Filter Driver;c:\windows\system32\drivers\applockerfltr.sys [2018-4-12 13312]
S3 AppReadiness;App Readiness;c:\windows\system32\svchost.exe -k AppReadiness -p [2018-4-12 44520]
S3 AppvStrm;AppvStrm;c:\windows\system32\drivers\AppVStrm.sys [2018-4-12 92056]
S3 AppvVemgr;AppvVemgr;c:\windows\system32\drivers\AppvVemgr.sys [2018-4-12 116632]
S3 AppvVfs;AppvVfs;c:\windows\system32\drivers\AppvVfs.sys [2018-4-12 109976]
S3 AppXSvc;AppX Deployment Service (AppXSVC);c:\windows\system32\svchost.exe -k wsappx -p [2018-4-12 44520]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;c:\windows\system32\svchost.exe -k AssignedAccessManagerSvc [2018-4-12 44520]
S3 aswHwid;aswHwid;c:\windows\system32\drivers\aswHwid.sys [2017-12-6 42808]
S3 BcastDVRUserService_b26ca51;GameDVR and Broadcast User Service_b26ca51;c:\windows\system32\svchost.exe -k BcastDVRUserService [2018-4-12 44520]
S3 bcmfn2;bcmfn2 Service;c:\windows\system32\drivers\bcmfn2.sys [2018-4-12 8192]
S3 bindflt;Windows Bind Filter Driver;c:\windows\system32\drivers\bindflt.sys [2018-4-12 74144]
S3 BluetoothUserService_b26ca51;Bluetooth User Support Service_b26ca51;c:\windows\system32\svchost.exe -k BthAppGroup [2018-4-12 44520]
S3 BTAGService;Bluetooth Audio Gateway Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-12 44520]
S3 BthAvctpSvc;AVCTP service;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
S3 buttonconverter;Service for Portable Device Control devices;c:\windows\system32\drivers\buttonconverter.sys [2018-4-12 27648]
S3 CAD;Charge Arbitration Driver;c:\windows\system32\drivers\CAD.sys [2018-4-12 50584]
S3 CapImg;HID driver for CapImg touch screen;c:\windows\system32\drivers\capimg.sys [2018-4-12 102400]
S3 CaptureService_b26ca51;CaptureService_b26ca51;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
S3 ClipSVC;Client License Service (ClipSVC);c:\windows\system32\svchost.exe -k wsappx -p [2018-4-12 44520]
S3 DevicePickerUserSvc_b26ca51;DevicePicker_b26ca51;c:\windows\system32\svchost.exe -k DevicesFlow [2018-4-12 44520]
S3 DevicesFlowUserSvc_b26ca51;DevicesFlow_b26ca51;c:\windows\system32\svchost.exe -k DevicesFlow [2018-4-12 44520]
S3 DevQueryBroker;DevQuery Background Discovery Broker;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;c:\windows\system32\diagsvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-12 68096]
S3 diagsvc;Diagnostic Execution Service;c:\windows\system32\svchost.exe -k diagnostics [2018-4-12 44520]
S3 DmEnrollmentSvc;Device Management Enrollment Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 dmwappushservice;dmwappushsvc;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 embeddedmode;Embedded Mode;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
S3 EntAppSvc;Enterprise App Management Service;c:\windows\system32\svchost.exe -k appmodel -p [2018-4-12 44520]
S3 FrameServer;Windows Camera Frame Server;c:\windows\system32\svchost.exe -k Camera [2018-4-12 44520]
S3 genericusbfn;Generic USB Function Class;c:\windows\system32\drivers\genericusbfn.sys [2018-4-12 17408]
S3 GPIO;Intel SoC GPIO Controller Driver;c:\windows\system32\drivers\iaiogpio.sys [2018-4-12 22016]
S3 GraphicsPerfSvc;GraphicsPerfSvc;c:\windows\system32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-12 44520]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;c:\windows\system32\drivers\hidinterrupt.sys [2018-4-12 38296]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;c:\windows\system32\drivers\mshwnclx.sys [2018-4-12 18944]
S3 iagpio;Intel Serial IO GPIO Controller Driver;c:\windows\system32\drivers\iagpio.sys [2018-4-12 28672]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;c:\windows\system32\drivers\iai2c.sys [2018-4-12 74240]
S3 iaioi2c;Intel(R) Atom(TM) Processor I2C Controller Service;c:\windows\system32\drivers\iaioi2c.sys [2018-4-12 57856]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;c:\windows\system32\drivers\iaStorAVC.sys [2018-4-12 693144]
S3 icssvc;Windows Mobile Hotspot Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;c:\windows\system32\drivers\IndirectKmd.sys [2018-4-12 30208]
S3 InstallService;Microsoft Store Install Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 IPT;IPT;c:\windows\system32\drivers\ipt.sys [2018-4-12 24064]
S3 IpxlatCfgSvc;IP Translation Configuration Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
S3 ItSas35i;ItSas35i;c:\windows\system32\drivers\ItSas35i.sys [2018-4-12 118680]
S3 LSI_SAS2i;LSI_SAS2i;c:\windows\system32\drivers\lsi_sas2i.sys [2018-4-12 103320]
S3 LSI_SAS3i;LSI_SAS3i;c:\windows\system32\drivers\lsi_sas3i.sys [2018-4-12 105368]
S3 LxpSvc;Language Experience Service;c:\windows\system32\svchost.exe -k netsvcs [2018-4-12 44520]
S3 massfilter;ZTE Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter.sys [2017-1-31 7168]
S3 massfilter_LTE;ZTE LTE Device Mass Storage Filter Driver;c:\windows\system32\drivers\massfilter_LTE.sys [2017-1-31 15896]
S3 mausbhost;MA-USB Host Controller Driver;c:\windows\system32\drivers\mausbhost.sys [2018-4-12 405408]
S3 mausbip;MA-USB IP Filter Driver;c:\windows\system32\drivers\mausbip.sys [2018-4-12 43424]
S3 MBAMSwissArmy;MBAMSwissArmy;c:\windows\system32\drivers\mbamswissarmy.sys [2018-5-18 220896]
S3 megasas2i;megasas2i;c:\windows\system32\drivers\MegaSas2i.sys [2018-4-12 64408]
S3 megasas35i;megasas35i;c:\windows\system32\drivers\megasas35i.sys [2018-4-12 71576]
S3 MessagingService_b26ca51;MessagingService_b26ca51;c:\windows\system32\svchost.exe -k UnistackSvcGroup [2018-4-12 44520]
S3 NaturalAuthentication;Natural Authentication;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;c:\windows\system32\drivers\NetAdapterCx.sys [2018-4-12 122368]
S3 NetSetupSvc;Network Setup Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 netvsc;netvsc;c:\windows\system32\drivers\netvsc.sys [2018-4-12 140800]
S3 NgcCtnrSvc;Microsoft Passport Container;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
S3 NgcSvc;Microsoft Passport;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
S3 percsas2i;percsas2i;c:\windows\system32\drivers\percsas2i.sys [2018-4-12 51608]
S3 percsas3i;percsas3i;c:\windows\system32\drivers\percsas3i.sys [2018-4-12 54680]
S3 PhoneSvc;Phone Service;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
S3 PNPMEM;Microsoft Memory Module Driver;c:\windows\system32\drivers\pnpmem.sys [2018-4-12 13312]
S3 PrintWorkflowUserSvc_b26ca51;PrintWorkflow_b26ca51;c:\windows\system32\svchost.exe -k PrintWorkflow [2018-4-12 44520]
S3 PushToInstall;Windows PushToInstall Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 Ramdisk;Windows RAM Disk Driver;c:\windows\system32\drivers\ramdisk.sys [2018-4-12 32664]
S3 RetailDemo;Retail Demo Service;c:\windows\system32\svchost.exe -k rdxgroup [2018-4-12 44520]
S3 rhproxy;Resource Hub proxy driver;c:\windows\system32\drivers\rhproxy.sys [2018-4-12 71168]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-12 44520]
S3 Sense;Windows Defender Advanced Threat Protection Service;c:\program files\windows defender advanced threat protection\MsSense.exe [2018-4-12 3151784]
S3 SensorDataService;Sensor Data Service;c:\windows\system32\SensorDataService.exe [2018-4-12 871424]
S3 SerCx2;Serial UART Support Library;c:\windows\system32\drivers\SerCx2.sys [2018-4-12 115096]
S3 SharedRealitySvc;Spatial Data Service;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
S3 smphost;Microsoft Storage Spaces SMP;c:\windows\system32\svchost.exe -k smphost [2018-4-12 44520]
S3 SmsRouter;Microsoft Windows SMS Router Service.;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
S3 spectrum;Windows Perception Service;c:\windows\system32\Spectrum.exe [2018-5-17 679424]
S3 ssh-agent;OpenSSH Authentication Agent;c:\windows\system32\openssh\ssh-agent.exe [2018-4-12 353792]
S3 stornvme;Microsoft Standard NVM Express Driver;c:\windows\system32\drivers\stornvme.sys [2018-4-12 82336]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;c:\windows\system32\drivers\storufs.sys [2018-4-12 39840]
S3 SWDUMon;SWDUMon;c:\windows\system32\drivers\SWDUMon.sys [2017-10-4 22728]
S3 swg3kser00;Sierra Wireless QMI USB Device for Legacy Serial Communication;c:\windows\system32\drivers\swg3kser00.sys [2017-1-31 215552]
S3 swiwdmbx;Sierra Wireless USB Bus Service;c:\windows\system32\drivers\swiwdmbx.sys [2017-1-31 83968]
S3 TieringEngineService;Storage Tiers Management;c:\windows\system32\TieringEngineService.exe [2018-4-12 267264]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;c:\windows\system32\drivers\UcmCx.sys [2018-4-12 89088]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;c:\windows\system32\drivers\UcmTcpciCx.sys [2018-4-12 102400]
S3 UcmUcsi;USB Connector Manager UCSI Client;c:\windows\system32\drivers\UcmUcsi.sys [2018-4-12 39424]
S3 UdeCx;USB Device Emulation Support Library;c:\windows\system32\drivers\Udecx.sys [2018-4-12 31744]
S3 UEFI;Microsoft UEFI Driver;c:\windows\system32\drivers\uefi.sys [2018-4-12 23456]
S3 Ufx01000;USB Function Class Extension;c:\windows\system32\drivers\ufx01000.sys [2018-4-12 215968]
S3 UfxChipidea;USB Chipidea Controller;c:\windows\system32\drivers\UfxChipidea.sys [2018-4-12 75168]
S3 ufxsynopsys;USB Synopsys Controller;c:\windows\system32\drivers\ufxsynopsys.sys [2018-4-12 110488]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;c:\windows\system32\drivers\urschipidea.sys [2018-4-12 22432]
S3 UrsCx01000;USB Role-Switch Support Library;c:\windows\system32\drivers\urscx01000.sys [2018-4-12 48544]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;c:\windows\system32\drivers\urssynopsys.sys [2018-4-12 21920]
S3 VacSvc;Volumetric Audio Compositor Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
S3 vhf;Virtual HID Framework (VHF) Driver;c:\windows\system32\drivers\vhf.sys [2018-4-12 24576]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;c:\windows\system32\drivers\vmgid.sys [2018-4-12 8704]
S3 vmicguestinterface;Hyper-V Guest Service Interface;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;c:\windows\system32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 44520]
S3 WalletService;WalletService;c:\windows\system32\svchost.exe -k appmodel -p [2018-4-12 44520]
S3 WarpJITSvc;WarpJITSvc;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-12 44520]
S3 wdiwifi;WDI Driver Framework;c:\windows\system32\drivers\WdiWiFi.sys [2018-4-12 543744]
S3 WdmCompanionFilter;WdmCompanionFilter;c:\windows\system32\drivers\WdmCompanionFilter.sys [2018-4-12 17816]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;c:\windows\system32\drivers\WdNisDrv.sys [2018-4-12 30208]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;c:\program files\windows defender\NisSrv.exe [2018-4-12 3650472]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;c:\windows\system32\svchost.exe -k WepHostSvcGroup [2018-4-12 44520]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
S3 WinNat;Windows NAT Driver;c:\windows\system32\drivers\winnat.sys [2018-4-12 181760]
S3 wlpasvc;Local Profile Assistant Service;c:\windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 44520]
S3 workfolderssvc;Work Folders;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
S3 WpcMonSvc;Parental Controls;c:\windows\system32\svchost.exe -k LocalService [2018-4-12 44520]
S3 xbgm;Xbox Game Monitoring;c:\windows\system32\xbgmsvc.exe [2018-4-12 119920]
S3 XblAuthManager;Xbox Live Auth Manager;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 XblGameSave;Xbox Live Game Save;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 xboxgip;Xbox Game Input Protocol Driver;c:\windows\system32\drivers\xboxgip.sys [2018-4-12 239616]
S3 XboxGipSvc;Xbox Accessory Management Service;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 XboxNetApiSvc;XboxNetApiSvc;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S3 xinputhid;XINPUT HID Filter Driver;c:\windows\system32\drivers\xinputhid.sys [2018-4-12 36864]
S4 AppVClient;Microsoft App-V Client;c:\windows\system32\AppVClient.exe [2018-5-17 633752]
S4 shpamsvc;Shared PC Account Manager;c:\windows\system32\svchost.exe -k netsvcs -p [2018-4-12 44520]
S4 tzautoupdate;Auto Time Zone Updater;c:\windows\system32\svchost.exe -k LocalService -p [2018-4-12 44520]
S4 UevAgentDriver;UevAgentDriver;c:\windows\system32\drivers\UevAgentDriver.sys [2018-4-12 35736]
S4 UevAgentService;User Experience Virtualization Service;c:\windows\system32\AgentService.exe [2018-4-12 838144]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=c:\windows\system32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: SZBrowser.exe: open="c:\program files\avast software\szbrowser\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2018-05-26 04:27:32 -------- d-----w- c:\programdata\Visan
2018-05-26 04:27:32 -------- d-----w- c:\programdata\HP Photo Creations
2018-05-26 04:27:32 -------- d-----w- c:\program files\HP Photo Creations
2018-05-26 04:26:56 -------- d-----w- c:\program files\HP
2018-05-26 04:26:23 -------- d-----w- c:\users\lorraine\appdata\local\HP
2018-05-23 19:46:26 465584 ----a-w- c:\program files\common files\microsoft shared\office16\LICLUA.EXE
2018-05-23 19:40:36 29872 ----a-w- c:\program files\common files\microsoft shared\office16\office setup controller\pkeyconfig.companion.dll
2018-05-23 19:30:16 212144 ----a-w- c:\program files\common files\microsoft shared\source engine\OSE.EXE
2018-05-21 05:31:47 184632 ----a-w- c:\windows\system32\drivers\aswHdsKe.sys
2018-05-18 09:47:25 220896 ----a-w- c:\windows\system32\drivers\mbamswissarmy.sys
2018-05-18 09:47:09 -------- d-----w- c:\programdata\Malwarebytes
2018-05-18 09:47:09 -------- d-----w- c:\program files\Malwarebytes
2018-05-17 12:37:30 -------- d-----w- c:\windows\system32\Microsoft
2018-05-17 12:37:30 -------- d-----w- c:\windows\ServiceProfiles
2018-05-17 12:33:48 3398144 ----a-w- c:\windows\system32\xpsrchvw.exe
2018-05-17 12:33:47 82432 ----a-w- c:\windows\system32\XPSSHHDR.dll
2018-05-17 12:33:47 575488 ----a-w- c:\windows\system32\XpsFilt.dll
2018-05-17 11:31:12 -------- d-----w- c:\programdata\Microsoft OneDrive
2018-05-17 03:01:46 -------- d-sh--w- C:\Recovery
2018-05-17 03:01:23 -------- d-----w- c:\windows\system32\drivers\wd
2018-05-17 02:52:58 -------- d-----w- c:\windows\system32\wbem\Performance
2018-05-17 02:48:57 -------- d-----w- c:\windows\system32\wbem\mof\good
2018-05-17 02:48:56 -------- d-----w- c:\windows\system32\wbem\mof\bad
2018-05-17 02:45:47 -------- d-----w- c:\programdata\USOShared
2018-05-17 02:44:50 -------- d--h--w- c:\users\lorraine\AppData
2018-05-17 02:44:50 -------- d-----w- c:\users\lorraine\appdata\local\Temp
2018-05-17 02:44:50 -------- d-----w- c:\users\lorraine\appdata\local\Microsoft
2018-05-17 02:43:35 -------- d-----w- c:\windows\system32\wbem\MOF
2018-05-17 02:42:31 -------- d-----w- c:\windows\system32\SleepStudy
2018-05-16 10:45:05 -------- dc----w- c:\windows\Panther
.
==================== Find3M ====================
.
2018-06-07 00:53:35 22728 ----a-w- c:\windows\system32\drivers\SWDUMon.sys
2018-05-12 01:02:54 152344 ----a-w- c:\windows\system32\drivers\aswStm.sys
2018-05-12 01:02:53 71840 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2018-05-12 01:02:53 310784 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2018-05-12 01:02:52 42808 ----a-w- c:\windows\system32\drivers\aswHwid.sys
2018-05-12 01:02:52 167040 ----a-w- c:\windows\system32\drivers\aswArPot.sys
2018-05-12 01:02:52 133160 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2018-05-12 01:02:52 100544 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2018-05-12 01:02:08 784112 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2018-05-09 04:12:29 138711016 -c--a-w- c:\windows\system32\MRT-KB890830.exe
2018-05-01 21:22:36 835064 ----a-w- c:\windows\system32\FlashPlayerApp.exe
2018-05-01 21:22:36 179704 ----a-w- c:\windows\system32\FlashPlayerCPLApp.cpl
2018-04-12 05:44:42 107520 ----a-w- c:\windows\system32\browser.dll
2018-04-12 04:58:31 8704 ----a-w- c:\windows\system32\drivers\en-us\synth3dvsc.sys.mui
2018-04-11 20:31:21 208384 ----a-w- c:\windows\system32\msclmd.dll
2018-04-11 20:29:56 98304 ----a-w- c:\windows\system32\wlgpclnt.dll
2018-04-11 20:28:57 8704 ----a-w- c:\windows\system32\drivers\vmgid.sys
2018-04-11 12:45:32 118272 ----a-w- c:\windows\system32\poqexec.exe
2018-04-11 12:45:31 81408 ----a-w- c:\windows\system32\NetDriverInstall.dll
2018-04-11 12:45:31 727448 ----a-w- c:\windows\system32\SmiEngine.dll
2018-04-11 12:45:31 573344 ----a-w- c:\windows\system32\NetSetupEngine.dll
2018-04-11 12:45:31 204288 ----a-w- c:\windows\system32\PkgMgr.exe
2018-04-11 12:45:31 203680 ----a-w- c:\windows\system32\wdscore.dll
2018-04-11 12:45:31 112544 ----a-w- c:\windows\system32\SSShim.dll
2018-04-11 12:45:31 108448 ----a-w- c:\windows\system32\NetSetupApi.dll
2018-04-11 05:20:00 251096 ----a-w- c:\windows\system32\wmpeffects.dll
2018-04-11 05:20:00 153976 ----a-w- c:\windows\system32\wmpps.dll
2018-04-11 05:12:00 458240 ----a-w- c:\windows\system32\quickassist.exe
2018-04-11 05:08:00 9137664 ----a-w- c:\windows\system32\wmploc.DLL
2018-04-11 05:08:00 730624 ----a-w- c:\windows\system32\sqlceqp40.dll
2018-04-11 05:08:00 427520 ----a-w- c:\windows\system32\sqlcese40.dll
2018-04-11 05:08:00 2560 ----a-w- c:\windows\system32\wmerror.dll
2018-04-11 05:08:00 215040 ----a-w- c:\windows\system32\unregmp2.exe
2018-04-11 05:08:00 172544 ----a-w- c:\windows\system32\wmpdxm.dll
2018-04-11 05:08:00 101888 ----a-w- c:\windows\system32\wmpshell.dll
2018-04-11 05:07:00 9216 ----a-w- c:\windows\system32\spwmp.dll
2018-04-11 05:07:00 5632 ----a-w- c:\windows\system32\msdxm.ocx
2018-04-11 05:07:00 5632 ----a-w- c:\windows\system32\dxmasf.dll
2018-04-11 05:07:00 173568 ----a-w- c:\windows\system32\sqlceoledb40.dll
2018-04-11 05:07:00 117760 ----a-w- c:\windows\system32\sqlcecompact40.dll
2018-04-11 04:31:00 44032 ----a-w- c:\windows\system32\msdxm.tlb
2018-04-11 04:31:00 18944 ----a-w- c:\windows\system32\amcompat.tlb
2018-04-10 21:12:00 5739008 ----a-w- c:\windows\system32\prm0009.dll
2018-04-10 21:11:00 48640 ----a-w- c:\windows\system32\SyncProxy.dll
2018-04-10 21:11:00 48640 ----a-w- c:\windows\system32\APHostClient.dll
2018-04-10 21:11:00 45568 ----a-w- c:\windows\system32\InprocLogger.dll
2018-04-10 21:11:00 2629120 ----a-w- c:\windows\system32\NlsLexicons0009.dll
2018-04-10 21:11:00 16384 ----a-w- c:\windows\system32\APHostRes.dll
2018-04-10 21:11:00 15360 ----a-w- c:\windows\system32\MCCSPal.dll
2018-04-10 21:11:00 10752 ----a-w- c:\windows\system32\EasPolicyManagerBrokerPS.dll
2018-04-10 21:10:00 86016 ----a-w- c:\windows\system32\ActiveSyncCsp.dll
2018-04-10 21:10:00 78848 ----a-w- c:\windows\system32\InternetMailCsp.dll
2018-04-10 21:10:00 52224 ----a-w- c:\windows\system32\EASPolicyManagerBrokerHost.exe
2018-04-10 21:10:00 2560 ----a-w- c:\windows\system32\SyncRes.dll
2018-04-10 21:10:00 148480 ----a-w- c:\windows\system32\MCCSEngineShared.dll
2018-04-10 21:10:00 117760 ----a-w- c:\windows\system32\networkhelper.dll
2018-04-10 21:09:00 610816 ----a-w- c:\windows\system32\internetmail.dll
2018-04-10 21:09:00 520704 ----a-w- c:\windows\system32\SyncController.dll
2018-04-10 21:09:00 276480 ----a-w- c:\windows\system32\APHostService.dll
2018-04-10 21:09:00 214016 ----a-w- c:\windows\system32\accountaccessor.dll
2018-04-10 21:08:00 327680 ----a-w- c:\windows\system32\syncutil.dll
2018-04-10 21:07:00 361984 ----a-w- c:\windows\system32\AccountsRt.dll
2018-04-10 21:07:00 346112 ----a-w- c:\windows\system32\DavSyncProvider.dll
2018-04-10 21:06:00 5487616 ----a-w- c:\windows\system32\NlsData0009.dll
2018-04-10 21:06:00 1537024 ----a-w- c:\windows\system32\ActiveSyncProvider.dll
2018-04-04 10:32:56 55160 ----a-w- c:\windows\system32\drivers\lpsport.sys
2018-03-22 14:19:24 50336 ----a-w- c:\windows\system32\drivers\aswbunivx.sys
2018-03-22 14:19:24 276688 ----a-w- c:\windows\system32\drivers\aswblogx.sys
2018-03-22 14:19:23 185432 ----a-w- c:\windows\system32\drivers\aswbidsdriverx.sys
2018-03-22 14:19:23 157368 ----a-w- c:\windows\system32\drivers\aswbidshx.sys
2018-03-22 14:12:33 456864 ----a-w- c:\windows\system32\MpSigStub.exe
2018-03-19 17:10:00 1598976 ----a-w- c:\windows\system32\libcrypto.dll
.
===.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 17/05/2018 1:02:48 PM
System Uptime: 21/05/2018 3:34:19 PM (414 hours ago)
.
Motherboard: Hewlett-Packard | | 3031h
Processor: Intel(R) Core(TM)2 Duo CPU E8500 @ 3.16GHz | XU1 PROCESSOR | 3166/1333mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 465 GiB total, 414.034 GiB free.
D: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID:
Description: PCI Serial Port
Device ID: PCI\VEN_8086&DEV_2E17&SUBSYS_3034103C&REV_03\3&B1BFB68&0&1B
Manufacturer:
Name: PCI Serial Port
PNP Device ID: PCI\VEN_8086&DEV_2E17&SUBSYS_3034103C&REV_03\3&B1BFB68&0&1B
Service:
.
Class GUID: {4d36e96f-e325-11ce-bfc1-08002be10318}
Description: PS/2 Compatible Mouse
Device ID: ACPI\PNP0F13\4&3084B1C&0
Manufacturer: Microsoft
Name: PS/2 Compatible Mouse
PNP Device ID: ACPI\PNP0F13\4&3084B1C&0
Service: i8042prt
.
==== System Restore Points ===================
.
RP1: 17/05/2018 9:33:00 PM - Windows Update
RP2: 26/05/2018 2:43:49 PM - Removed Microsoft Office Basic Edition 2003
.
==== Installed Programs ======================
.
Adobe Flash Player 28 PPAPI
Avast Cleanup Premium
Avast Driver Updater
Avast Free Antivirus
Google Chrome
Google Update Helper
HP DeskJet 2130 series Basic Device Software
HP DeskJet 2130 series Help
HP Dropbox Plugin
HP Google Drive Plugin
HP Photo Creations
Jasc Paint Shop Pro 8
Microsoft Office 365 - en-us
Microsoft OneDrive
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215
Microsoft Visual C++ 2015 x86 Additional Runtime - 14.0.24215
Microsoft Visual C++ 2015 x86 Minimum Runtime - 14.0.24215
Mozilla Thunderbird 52.8.0 (x86 en-US)
Office 16 Click-to-Run Extensibility Component
Office 16 Click-to-Run Licensing Component
Office 16 Click-to-Run Localization Component
Product Improvement Study for HP DeskJet 2130 series
SafeZone Stable 4.58.2552.909
Skype™ 7.40
.
==== Event Viewer Messages From Past Week ========
.
7/06/2018 9:00:22 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {D63B10C5-BB46-4990-A94F-E40B9D520160} and APPID {9CA88EE3-ACB7-47C8-AFC4-AB702511C276} to the user DESKTOP-5KFHTUH\Lorraine SID (S-1-5-21-395152712-2620477987-3300426641-1001) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.
7/06/2018 10:53:22 AM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXd4tad4d57t4wtdbnnmb8v2xtzym8c1n8.mca as Unavailable/Unavailable. The error: "0" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
6/06/2018 7:19:51 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy!App.AppXryc2qd338f5728r9gzzazav8206ba77s.mca as Unavailable/Unavailable. The error: "0" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:App.AppXmtcan0h2tfbfy7k9kn8hbxb6dmzz1zh0.mca
6/06/2018 1:57:05 PM, Error: Microsoft-Windows-DistributedCOM [10016] - The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID {8BC3F05E-D86B-11D0-A075-00C04FB68820} and APPID {8BC3F05E-D86B-11D0-A075-00C04FB68820} to the user DESKTOP-5KFHTUH\Lorraine SID (S-1-5-21-395152712-2620477987-3300426641-1001) from address LocalHost (Using LRPC) running in the application container Microsoft.Windows.ContentDeliveryManager_10.0.17134.1_neutral_neutral_cw5n1h2txyewy SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). This security permission can be modified using the Component Services administrative tool.
31/05/2018 3:14:49 PM, Error: Microsoft-Windows-WindowsUpdateClient [20] - Installation Failure: Windows failed to install the following update with error 0x80073D02: 9WZDNCRFJBH4-Microsoft.Windows.Photos.
2/06/2018 7:03:34 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX6jbm6fjqte5wzzrf5807m7eq0z44q5gf.mca as Unavailable/Unavailable. The error: "0" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
1/06/2018 7:35:07 PM, Error: Microsoft-Windows-DistributedCOM [10001] - Unable to start a DCOM Server: Microsoft.Windows.Cortana_1.10.7.17134_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppX360dyffbd5crx5cph6sy881bkkccrbr0.mca as Unavailable/Unavailable. The error: "0" Happened while starting this command: "C:\WINDOWS\system32\backgroundTaskHost.exe" -ServerName:CortanaUI.AppXy7vb4pc2dr3kc93kfc509b1d0arkfb2x.mca
.
==== End Of File ===========================
========== FINISH: 21:22:08.36 ===============

Hoping this is the right way to do this; I have forgotten how I used to do it.
thanks Lorrain..

HP PC May have been infected with virus but I’m not sure

I am getting a “Hard Disk failure imminent” message as well as a “Reboot and select proper boot device or insert boot media in selected boot device and press a key.” message. So I feel like it could be either or, because this PC is old, but my brother and I downloaded a game called Phoenix Rising, and Norton Security warned me that the website had 2 Identity threats, but I continued on anyway. The website didn’t even load but I kept trying. I gave up but somehow he downloaded the game and soon after, the computer started acting up. So now we can’t even start up the computer. We get the HP screen then immediately get this black screen with the messages I said earlier. I’ve tried pressing F8 to get into safe mode but it won’t work. I’ve tried pressing ESC to go to boot menu but it’ll freeze. I’m at a loss for what to do. Any suggestions or help please? We run on Windows 10.

Clock resetting to incorrect time

I am experiencing a new problem with my Windows 10 laptop. My clock on the bottom right of my desktop keeps setting itself back. The amount of time is inconsistent, but it seems to be about 12 hours behind much of the time (I have not even seen it set in the future). I can reset the clock, but it reverts to a prior time within a few hours.

I have followed the instructions for a potential virus or spyware issue. I have attached the attach.txt file as a .zip file. The following is my complete DDS.txt log. Thank you for any help you can offer.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by DSimkins at 12:17:13 on 2018-06-14
Microsoft Windows 10 Enterprise 10.0.17134.0.1252.1.1033.18.16196.11891 [GMT -4:00]
.
AV: Spybot - Search and Destroy *Enabled/Updated* {F77C7796-45C4-531E-0DAE-B4A8229B11C8}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Enabled/Updated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_150c36a550ed11f0\igfxCUIService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservicenonetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\ibtsiva.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files (x86)\Identity Finder 9\idfEndpoint.exe
C:\Program Files (x86)\Identity Finder 9\idfEndpointWatcher64.exe
C:\Program Files (x86)\Identity Finder 9\idfServicesMonitor.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_150c36a550ed11f0\igfxEM.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\wbem\unsecapp.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Users\DSimkins\AppData\Local\Programs\CrashPlan\CrashPlanService.exe
C:\Users\DSimkins\AppData\Local\Programs\CrashPlan\electron\CrashPlanDesktop.exe
C:\Users\DSimkins\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\acrotray.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Users\DSimkins\AppData\Local\Programs\CrashPlan\electron\CrashPlanDesktop.exe
C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
c:\windows\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localservice -s W32Time
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\explorer.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Eaphost
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Program Files (x86)\Microsoft Office\Office16\MsoSync.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\splwow64.exe
c:\windows\system32\svchost.exe -k printworkflow -s PrintWorkflowUserSvc
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office16\GROOVEEX.DLL
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\AcroIEFavStub.dll
uRun: [OneDrive] "C:\Users\DSimkins\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [CrashPlanServiceUser] C:\Users\DSimkins\AppData\Local\Programs\CrashPlan\CrashPlanService.vbs
uRun: [CrashPlanService] C:\Users\DSimkins\AppData\Local\Programs\CrashPlan\CrashPlanService.vbs
uRun: [CrashPlanTray] "C:\Users\DSimkins\AppData\Local\Programs\CrashPlan\electron\CrashPlanDesktop.exe" --menubar --desktop=false --user.install
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Discord] C:\Users\DSimkins\AppData\Local\Discord\app-0.0.301\Discord.exe
uRun: [Adobe Acrobat Synchronizer] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\AdobeCollabSync.exe"
uRun: [Spotify Web Helper] C:\Users\DSimkins\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
uRun: [Lync] "C:\Program Files (x86)\Microsoft Office\Office16\lync.exe" /fromrunkey
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRunOnce: [Application Restart #3] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe --flag-switches-begin --flag-switches-end --restore-last-session -- "https://home.mcafee.com/SecurityScanner/SSLandPage.aspx?ss=3&avs=3&avu=1&avm=0&av=Windows%20Defender&fws=3&fwu=1&fwm=0&fw=Windows%20Firewall&sa=0&ths=3&trj=0&vir=0&pup=0&webd=0&web=0&virc=0&trjc=0&pupc=0&cver=3.11.717.1&avn=3&fwn=3&Pkg=n&tid=UA-49812791-4&uid=8CF7E669-68E8-4134-9306-0077A577CEDF&idt=16042018&Osn=Windows%2010%2064%20bit&geo=244&mbxr=true&clkcnt=0&scncnt=5&Pavn=Windows Defender&Pavs=Enabled&wts=Unknown&rid=10&affid=739&culture=en-US&src=top&srclbl=Mbox Fix"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat DC\Acrobat\Acrotray.exe"
mRun: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
mRun: [Autodesk Desktop App] "C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe" -tray
mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe"
mRun: [LogMeIn Hamachi Ui] "C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.717\SSScheduler.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{118eafea-5e29-495e-af2f-8553a7964a42} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595}\1647F535451425245534B435F5759623 : DHCPNameServer = 103.5.140.1 103.5.140.2
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595}\259445 : DHCPNameServer = 129.21.3.17 129.21.4.18
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595}\321447458656D4F68797 : DHCPNameServer = 172.20.26.1
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595}\4456C6471635B69734C65726 : DHCPNameServer = 192.168.208.1
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595}\4456C6471675966496 : DHCPNameServer = 172.19.134.2
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595}\4475350286F6473707F647 : DHCPNameServer = 192.168.43.1
TCP: Interfaces\{e6ee7e9a-e236-4d70-a4ad-3e87e3d64595}\530313847516D2430373145413 : DHCPNameServer = 192.168.128.1 192.168.128.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office16\GROOVEEX.DLL
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\DC\x64\AcroIEFavStub.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 127.0.0.1 spywareinfo.com*-*This website is for sale!*-*spywareinfo Resources and Information.
Hosts: 0.0.0.1 mssplus.mcafee.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\DSimkins\AppData\Roaming\Mozilla\Firefox\Profiles\z8ubvpmk.default\
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files\VideoLAN\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2018-4-11 304032]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-4-11 72232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 SDHookDriver;Hook Test Driver;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDHookDrv64.sys [2018-6-13 92032]
R2 AdAppMgrSvc;Autodesk Desktop App Service;C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [2018-3-8 1364904]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-4-24 818128]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-10 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-8-23 2128872]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_5b547;Connected Devices Platform User Service_5b547;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 Hamachi2Svc;LogMeIn Hamachi Tunneling Engine;C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [2018-5-30 3346856]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 IdentityFinderEndpointService;Identity Finder Endpoint Service;C:\Program Files (x86)\Identity Finder 9\idfEndpoint.exe [2016-4-27 12964408]
R2 IdentityFinderEndpointWatcher;Identity Finder Endpoint Watcher;C:\Program Files (x86)\Identity Finder 9\idfEndpointWatcher64.exe [2016-4-27 5206016]
R2 IdentityFinderServicesMonitor;Identity Finder Services Monitor;C:\Program Files (x86)\Identity Finder 9\idfServicesMonitor.exe [2016-4-27 3673656]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_150c36a550ed11f0\igfxCUIService.exe [2018-1-25 415696]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);C:\Program Files (x86)\Common Files\microsoft shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2017-9-28 21304]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe [2016-5-27 419248]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-3-8 462968]
R2 OneSyncSvc_5b547;Sync Host_5b547;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2018-6-13 3892256]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2018-6-13 3943664]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-6-13 233712]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-4-11 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-11-3 279128]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 vpnagent;Cisco AnyConnect Secure Mobility Agent;C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe [2013-10-10 558480]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_5b547;Windows Push Notifications User Service_5b547;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 AirplaneModeHid;Insyde Airplane Mode HID Mini-Driver;C:\WINDOWS\System32\drivers\AirplaneModeHid.sys [2017-10-25 46512]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2018-1-10 136128]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-12-8 820168]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBfilt;MBfilt;C:\WINDOWS\System32\drivers\MBfilt64.sys [2016-11-17 41080]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit;C:\WINDOWS\System32\drivers\Netwtw04.sys [2018-4-11 7689728]
R3 PimIndexMaintenanceSvc_5b547;Contact Data_5b547;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 PrintWorkflowUserSvc_5b547;PrintWorkflow_5b547;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\WINDOWS\System32\drivers\RtsPer.sys [2017-1-18 787968]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2018-3-8 72792]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
R3 UnistoreSvc_5b547;User Data Storage_5b547;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_5b547;User Data Access_5b547;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 acsock;acsock;C:\WINDOWS\System32\drivers\acsock64.sys [2018-3-8 112496]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 aftap0901;AnchorFree TAP-Windows Adapter V9;C:\WINDOWS\System32\drivers\aftap0901.sys [2018-3-6 48624]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2018-4-11 127384]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2018-4-11 162712]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2018-4-11 143768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2018-4-11 51288]
S3 BcastDVRUserService_5b547;GameDVR and Broadcast User Service_5b547;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_5b547;Bluetooth User Support Service_5b547;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 CaptureService_5b547;CaptureService_5b547;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 cplspcon;Intel(R) Content Protection HDCP Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_150c36a550ed11f0\IntelCpHDCPSvc.exe [2018-1-25 479184]
S3 DevicePickerUserSvc_5b547;DevicePicker_5b547;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_5b547;DevicesFlow_5b547;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FlexNet Licensing Service 64;FlexNet Licensing Service 64;C:\Program Files\Common Files\Macrovision Shared\FlexNet Publisher\FNPLicensingService64.exe [2018-3-8 1591264]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 idfEndpointWatcherDriver;Identity Finder Endpoint Watcher Driver;C:\WINDOWS\System32\drivers\idfEndpointWatcherDriver.sys [2018-3-8 37432]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.717\McCHSvc.exe [2018-3-27 405392]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_5b547;MessagingService_5b547;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mi-raysat_3dsmax2017_64;mental ray Satellite for Autodesk 3ds Max 2017 64-bit;C:\Program Files\Autodesk\3ds Max 2017\raysat_3dsmax2017_64server.exe [2011-9-15 86016]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-6-12 1921952]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-6-12 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-4-11 128416]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-4-11 4737448]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smbdirect;smbdirect;C:\WINDOWS\System32\drivers\smbdirect.sys [2018-4-11 152064]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-5-26 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-4-11 48544]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [2017-9-28 187904]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 VSStandardCollectorService150;Visual Studio Standard Collector Service 150;C:\Program Files (x86)\Microsoft Visual Studio\Shared\Common\DiagnosticsHub.Collection.Service\StandardCollector.Service.exe [2017-12-14 142440]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-5-31 61992]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe [2018-5-31 4682552]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-4-11 292864]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XeroxProdRegManager;Xerox PowerENGAGE Maintenance Service;C:\Program Files (x86)\Xerox PowerENGAGE\EngageService.exe [2016-9-13 293608]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-5-26 826776]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2018-4-11 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2018-4-11 1189376]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: Dreamweaver.exe: Open="C:\Program Files\Adobe\Adobe Dreamweaver CC 2018\Dreamweaver.exe", "%1"
.
=============== Created Last 30 ================
.
2018-06-14 17:00:43 -------- d-----w- C:\Program Files (x86)\LogMeIn Hamachi
2018-06-13 17:22:49 32168 ----a-w- C:\WINDOWS\System32\sdnclean64.exe
2018-06-13 17:22:48 -------- d-----w- C:\ProgramData\Spybot - Search & Destroy
2018-06-13 17:22:31 -------- d-----w- C:\Program Files (x86)\Spybot - Search & Destroy 2
2018-06-13 00:36:12 14600328 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{02C32D3C-82B9-4EE1-A797-9864FE6DBE98}\mpengine.dll
2018-05-31 05:25:55 95128 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\X86\MpAsDesc.dll
2018-05-26 17:51:14 -------- d-----w- C:\WINDOWS\System32\Microsoft
2018-05-26 17:51:14 -------- d-----w- C:\WINDOWS\ServiceProfiles
2018-05-26 17:50:02 4529664 ----a-w- C:\WINDOWS\SysWow64\VsGraphicsDesktopEngine.exe
2018-05-26 17:48:22 925696 ----a-w- C:\WINDOWS\System32\XpsFilt.dll
2018-05-26 00:49:41 -------- d-----w- C:\Users\DSimkins\AppData\Local\D3DSCache
2018-05-26 00:49:15 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2018-05-26 00:47:48 2752000 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2018-05-26 00:47:48 -------- d-----w- C:\ProgramData\USOShared
2018-05-26 00:47:43 -------- d-sh--we C:\ProgramData\Documents
2018-05-26 00:47:20 134592 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2018-05-26 00:46:03 136144 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2018-05-26 00:45:30 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2018-05-26 00:45:29 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2018-05-26 00:45:29 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2018-05-26 00:45:20 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2018-05-26 00:13:25 -------- d-----w- C:\Users\DSimkins\Tracing
2018-05-26 00:13:17 -------- d-----r- C:\Program Files (x86)\Skype
2018-05-25 00:57:09 -------- dc----w- C:\WINDOWS\Panther
2018-05-16 22:38:59 -------- d-----w- C:\Program Files\VideoLAN
.
==================== Find3M ====================
.
2018-06-12 23:28:40 133315992 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-06-08 19:07:20 2266520 ----a-w- C:\WINDOWS\System32\AppVEntSubsystems64.dll
2018-06-08 19:07:13 40864 ----a-w- C:\WINDOWS\System32\AppVClientPS.dll
2018-06-08 19:07:09 19872 ----a-w- C:\WINDOWS\System32\AppVTerminator.dll
2018-06-08 19:07:09 183712 ----a-w- C:\WINDOWS\System32\mavinject.exe
2018-06-08 19:07:06 506184 ----a-w- C:\WINDOWS\System32\systemreset.exe
2018-06-08 19:05:19 94112 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2018-06-08 19:02:55 661160 ----a-w- C:\WINDOWS\System32\GenValObj.exe
2018-06-08 19:02:48 4527680 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-06-08 19:02:19 1634808 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-06-08 19:01:11 1046944 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2018-06-08 18:48:47 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-06-08 18:47:25 144384 ----a-w- C:\WINDOWS\System32\drivers\mrxdav.sys
2018-06-08 18:46:37 584192 ----a-w- C:\WINDOWS\System32\UIRibbonRes.dll
2018-06-08 18:45:54 4392448 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2018-06-08 18:45:53 808960 ----a-w- C:\WINDOWS\System32\MBR2GPT.EXE
2018-06-08 18:45:39 1560576 ----a-w- C:\WINDOWS\System32\msdt.exe
2018-06-08 18:44:44 285184 ----a-w- C:\WINDOWS\System32\wlidcredprov.dll
2018-06-08 18:44:40 340992 ----a-w- C:\WINDOWS\System32\AcGenral.dll
2018-06-08 18:44:27 625152 ----a-w- C:\WINDOWS\System32\BootMenuUX.dll
2018-06-08 18:44:03 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-06-08 18:43:24 1719808 ----a-w- C:\WINDOWS\System32\dui70.dll
2018-06-08 18:43:20 1659904 ----a-w- C:\WINDOWS\System32\XpsPrint.dll
2018-06-08 18:43:15 2922496 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
2018-06-08 18:43:11 3640832 ----a-w- C:\WINDOWS\System32\mstsc.exe
2018-06-08 18:43:06 1543680 ----a-w- C:\WINDOWS\System32\msdtctm.dll
2018-06-08 18:43:05 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-06-08 18:42:57 1605632 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2018-06-08 18:42:50 3999232 ----a-w- C:\WINDOWS\System32\UIRibbon.dll
2018-06-08 18:42:39 3653120 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-06-08 18:42:36 463872 ----a-w- C:\WINDOWS\System32\rdpshell.exe
2018-06-08 18:42:21 2084864 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2018-06-08 18:42:19 800256 ----a-w- C:\WINDOWS\System32\pwcreator.exe
2018-06-08 18:42:17 327168 ----a-w- C:\WINDOWS\System32\rdpinit.exe
2018-06-08 18:42:01 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-06-08 18:41:45 878080 ----a-w- C:\WINDOWS\System32\CPFilters.dll
2018-06-08 18:41:22 182272 ----a-w- C:\WINDOWS\System32\easwrt.dll
2018-06-08 18:41:13 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-06-08 18:41:06 2019840 ----a-w- C:\WINDOWS\System32\ResetEngine.dll
2018-06-08 18:41:02 1180672 ----a-w- C:\WINDOWS\System32\reseteng.dll
2018-06-08 18:40:48 465920 ----a-w- C:\WINDOWS\System32\DXP.dll
2018-06-08 17:07:31 148896 ----a-w- C:\WINDOWS\SysWow64\mavinject.exe
2018-06-08 17:06:54 1539488 ----a-w- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
2018-06-08 17:04:16 1454024 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-06-08 16:58:40 917408 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2018-06-08 16:50:10 1508352 ----a-w- C:\WINDOWS\SysWow64\msdt.exe
2018-06-08 16:47:51 231936 ----a-w- C:\WINDOWS\SysWow64\wlidcredprov.dll
2018-06-08 16:47:50 1032704 ----a-w- C:\WINDOWS\SysWow64\XpsPrint.dll
2018-06-08 16:47:31 2895872 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-06-08 16:47:30 3492864 ----a-w- C:\WINDOWS\SysWow64\UIRibbon.dll
2018-06-08 16:47:19 703488 ----a-w- C:\WINDOWS\SysWow64\CPFilters.dll
2018-06-08 16:47:12 1462784 ----a-w- C:\WINDOWS\SysWow64\dui70.dll
2018-06-08 16:46:55 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll
2018-06-08 16:46:41 2016256 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2018-06-08 16:46:35 3444224 ----a-w- C:\WINDOWS\SysWow64\mstsc.exe
2018-06-08 16:45:51 2401280 ----a-w- C:\WINDOWS\SysWow64\AcGenral.dll
2018-06-08 16:06:33 976384 ----a-w- C:\WINDOWS\System32\Spectrum.exe
2018-06-08 16:05:59 944640 ----a-w- C:\WINDOWS\System32\Windows.Mirage.Internal.dll
2018-06-08 16:05:24 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-06-08 14:00:19 658432 ----a-w- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
2018-06-08 14:00:16 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-06-08 10:38:23 5821544 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2018-06-08 10:37:27 2417840 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2018-06-08 10:35:52 613144 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2018-06-08 10:35:09 1613200 ----a-w- C:\WINDOWS\System32\D3D12.dll
2018-06-08 10:34:40 748512 ----a-w- C:\WINDOWS\System32\dxgi.dll
2018-06-08 10:34:21 1299056 ----a-w- C:\WINDOWS\SysWow64\D3D12.dll
2018-06-08 10:31:54 3180176 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-06-08 10:31:39 7900984 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2018-06-08 10:31:08 29600 ----a-w- C:\WINDOWS\System32\drivers\uefi.sys
2018-06-08 10:30:11 705440 ----a-w- C:\WINDOWS\System32\drivers\vhdmp.sys
2018-06-08 09:34:40 1140576 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-06-08 09:34:11 983016 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-06-08 09:33:58 1034632 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-06-08 09:33:53 1213368 ----a-w- C:\WINDOWS\System32\ClipUp.exe
2018-06-08 09:33:24 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-06-08 09:33:22 269224 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-06-08 09:31:16 226720 ----a-w- C:\WINDOWS\System32\drivers\Ucx01000.sys
2018-06-08 09:31:07 1012640 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-06-08 09:31:00 1174432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-06-08 09:29:47 1026976 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-06-08 09:13:12 25846784 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-06-08 09:12:12 786176 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2018-06-08 09:12:04 861616 ----a-w- C:\WINDOWS\SysWow64\msmpeg2adec.dll
2018-06-08 09:11:59 550616 ----a-w- C:\WINDOWS\SysWow64\mf.dll
2018-06-08 09:11:05 1461744 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2018-06-08 09:10:39 97176 ----a-w- C:\WINDOWS\SysWow64\bcrypt.dll
2018-06-08 09:10:35 2479272 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2018-06-08 09:10:32 880152 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2018-06-08 09:10:31 457152 ----a-w- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
2018-06-08 09:10:30 1988072 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-06-08 09:10:25 2331584 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2018-06-08 09:10:19 1397200 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
2018-06-08 09:10:09 2307336 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2018-06-08 09:10:03 1011992 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2018-06-08 09:04:02 4706816 ----a-w- C:\WINDOWS\System32\cdp.dll
2018-06-08 09:03:35 22005760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-06-08 09:03:34 38400 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryCore.dll
2018-06-08 09:03:14 32256 ----a-w- C:\WINDOWS\System32\drivers\mskssrv.sys
2018-06-08 09:03:12 185344 ----a-w- C:\WINDOWS\System32\InstallServiceTasks.dll
.
============= FINISH: 12:18:53.54 ===============

Attached Files
File Type: zip attach.zip (4.4 KB)

Weird Noises in Background (Adware?)

I am hearing weird noises in the background (Noises, Words, Songs, Provocative Sounds) - assuming some sort of Adware. The noises can be heard by other people if I am chatting with them on Discord or other telecommunication software. When the noises come on, my CPU usage spikes and memory spikes.

I have backed up my device.

Logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.172.2
Run by tj2792 at 15:28:32 on 2018-06-17
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8083.4007 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
C:\WINDOWS\SysWOW64\nlssrv32.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHeciSvc.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\sihost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxEM.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\tj2792\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Users\tj2792\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\WOMic\WOMicClient.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k SDRSVC
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
svchost.exe
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll
uRun: [OneDrive] "C:\Users\tj2792\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Spotify] C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
uRun: [Spotify Web Helper] C:\Users\tj2792\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\tj2792\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
StartupFolder: C:\Users\tj2792\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WOMICC~1.LNK - C:\Program Files (x86)\WOMic\WOMicClient.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{063abb76-96e9-4438-86b9-145718dc3de8} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{5e7397a3-4469-42f4-8aa8-ef6727a92a79} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-Run: [WindowsDefender] "C:\Program Files (x86)\Windows Defender\MSASCuiL.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2016-8-22 1455552]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-4-11 72232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 MpKsl7ea685a9;MpKsl7ea685a9;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60E5F31C-20B4-4A07-AD5B-279502237159}\MpKsl7ea685a9.sys [2018-6-17 58120]
R1 ZAM_Guard;ZAM Guard Driver;C:\WINDOWS\System32\drivers\zamguard64.sys [2018-6-16 203680]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-6-4 814688]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-9-26 2128872]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2016-8-22 936728]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2016-8-22 1360016]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_85cbe;Connected Devices Platform User Service_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2016-3-3 7761584]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 cplspcon;Intel(R) Content Protection HDCP Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe [2017-7-31 605296]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxCUIService.exe [2017-7-31 407152]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2015-5-7 272352]
R2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-7-11 223520]
R2 nlsx86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2018-2-17 70768]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-11-25 522688]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-5-19 764896]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-4-7 469952]
R2 OneSyncSvc_85cbe;Sync Host_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-4-11 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_85cbe;Windows Push Notifications User Service_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 asmthub3;ASMedia USB3 Hub Service;C:\WINDOWS\System32\drivers\asmthub3.sys [2015-6-5 149240]
R3 asmtxhci;ASMEDIA XHCI Service;C:\WINDOWS\System32\drivers\asmtxhci.sys [2015-6-5 442104]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\WINDOWS\System32\drivers\e1d65x64.sys [2016-4-19 559080]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-5-11 825344]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-7 39920]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2018-3-18 59240]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2018-5-27 68112]
R3 PimIndexMaintenanceSvc_85cbe;Contact Data_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
R3 UnistoreSvc_85cbe;User Data Storage_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_85cbe;User Data Access_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-5-31 61992]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe [2018-5-31 4682552]
R3 wovad_micarray;WO Mic Device;C:\WINDOWS\System32\drivers\womic.sys [2017-5-21 37984]
RUnknown aswArPot;aswArPot; [x]
RUnknown aswbidsdriver;aswbidsdriver; [x]
RUnknown aswbidsh;aswbidsh; [x]
RUnknown aswblog;aswblog; [x]
RUnknown aswbuniv;aswbuniv; [x]
RUnknown aswHdsKe;aswHdsKe; [x]
RUnknown aswMonFlt;aswMonFlt; [x]
RUnknown aswRvrt;aswRvrt; [x]
RUnknown aswSnx;aswSnx; [x]
RUnknown aswSP;aswSP; [x]
RUnknown aswVmm;aswVmm; [x]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 BcastDVRUserService_85cbe;GameDVR and Broadcast User Service_85cbe;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-9-30 6875688]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_85cbe;Bluetooth User Support Service_85cbe;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevicePickerUserSvc_85cbe;DevicePicker_85cbe;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_85cbe;DevicesFlow_85cbe;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EasyAntiCheat;EasyAntiCheat;C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-3-30 775296]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_85cbe;MessagingService_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-11-25 522688]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-4-8 31168]
S3 PAExec;PAExec;C:\Windows\PAExec.exe -service --> C:\Windows\PAExec.exe -service [?]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_85cbe;PrintWorkflow_85cbe;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-6-12 1921952]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-6-12 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-4-11 128416]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-5-27 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-4-11 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-4-11 292864]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
SUnknown aswbIDSAgent;aswbIDSAgent; [x]
SUnknown aswHwid;aswHwid; [x]
SUnknown aswStm;aswStm; [x]
SUnknown avast! Antivirus;avast! Antivirus; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-06-17 19:24:35 58120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60E5F31C-20B4-4A07-AD5B-279502237159}\MpKsl7ea685a9.sys
2018-06-17 19:24:02 14600328 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60E5F31C-20B4-4A07-AD5B-279502237159}\mpengine.dll
2018-06-17 18:50:04 -------- d-----w- C:\Program Files (x86)\Common Files\Oracle
2018-06-17 18:45:39 -------- d-----w- C:\Program Files\AVAST Software
2018-06-17 18:45:21 -------- d-----w- C:\ProgramData\AVAST Software
2018-06-16 21:56:25 14600328 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-06-16 21:44:57 203680 ----a-w- C:\WINDOWS\System32\drivers\zamguard64.sys
2018-06-16 21:44:56 -------- d-----w- C:\Program Files (x86)\Zemana AntiMalware
2018-06-16 21:44:42 -------- d-----w- C:\Users\tj2792\AppData\Local\Zemana
2018-06-16 21:34:42 -------- d-----w- C:\Program Files\Malwarebytes
2018-06-13 02:49:01 7520000 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-06-13 02:49:01 6569960 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-06-13 02:49:00 25846784 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-06-01 01:09:17 95128 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\X86\MpAsDesc.dll
2018-05-28 23:50:12 -------- d-----w- C:\Users\tj2792\AppData\Local\D3DSCache
2018-05-28 23:49:59 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2018-05-28 23:48:23 -------- d-sh--we C:\ProgramData\Documents
2018-05-28 23:46:10 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2018-05-28 23:46:10 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2018-05-28 23:42:48 552480 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2018-05-28 23:42:48 456608 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2018-05-28 23:42:16 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2018-05-28 23:42:07 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2018-05-27 20:09:29 -------- d-----w- C:\WINDOWS\System32\Microsoft
2018-05-27 20:09:29 -------- d-----w- C:\WINDOWS\ServiceProfiles
2018-05-27 20:02:55 581120 ----a-w- C:\WINDOWS\SysWow64\hhctrl.ocx
2018-05-27 19:49:20 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2018-05-27 19:49:19 35456 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2018-05-27 19:49:19 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2018-05-27 19:49:18 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2018-05-27 19:49:17 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2018-05-27 19:49:15 35456 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2018-05-27 19:47:32 3398144 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe
2018-05-27 19:47:31 575488 ----a-w- C:\WINDOWS\SysWow64\XpsFilt.dll
2018-05-27 19:47:30 82432 ----a-w- C:\WINDOWS\SysWow64\XPSSHHDR.dll
2018-05-27 19:47:30 100352 ----a-w- C:\WINDOWS\System32\XPSSHHDR.dll
2018-05-27 19:47:29 4492288 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe
2018-05-27 19:47:28 925696 ----a-w- C:\WINDOWS\System32\XpsFilt.dll
2018-05-27 19:21:30 -------- d-----w- C:\.jagex_cache_32
2018-05-27 19:10:20 -------- d-----w- C:\Program Files (x86)\VulkanRT
2018-05-27 18:55:46 -------- dc----w- C:\WINDOWS\Panther
.
==================== Find3M ====================
.
2018-06-17 18:50:00 98760 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2018-06-13 02:50:41 133315992 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-06-08 19:07:06 506184 ----a-w- C:\WINDOWS\System32\systemreset.exe
2018-06-08 19:05:19 94112 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2018-06-08 19:02:55 661160 ----a-w- C:\WINDOWS\System32\GenValObj.exe
2018-06-08 19:02:48 4527680 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-06-08 19:02:19 1634808 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-06-08 19:01:11 1046944 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2018-06-08 18:48:47 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-06-08 18:47:25 144384 ----a-w- C:\WINDOWS\System32\drivers\mrxdav.sys
2018-06-08 18:46:37 584192 ----a-w- C:\WINDOWS\System32\UIRibbonRes.dll
2018-06-08 18:45:54 4392448 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2018-06-08 18:45:53 808960 ----a-w- C:\WINDOWS\System32\MBR2GPT.EXE
2018-06-08 18:45:39 1560576 ----a-w- C:\WINDOWS\System32\msdt.exe
2018-06-08 18:44:44 285184 ----a-w- C:\WINDOWS\System32\wlidcredprov.dll
2018-06-08 18:44:40 340992 ----a-w- C:\WINDOWS\System32\AcGenral.dll
2018-06-08 18:44:27 625152 ----a-w- C:\WINDOWS\System32\BootMenuUX.dll
2018-06-08 18:44:03 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-06-08 18:43:24 1719808 ----a-w- C:\WINDOWS\System32\dui70.dll
2018-06-08 18:43:20 1659904 ----a-w- C:\WINDOWS\System32\XpsPrint.dll
2018-06-08 18:43:15 2922496 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
2018-06-08 18:43:11 3640832 ----a-w- C:\WINDOWS\System32\mstsc.exe
2018-06-08 18:43:06 1543680 ----a-w- C:\WINDOWS\System32\msdtctm.dll
2018-06-08 18:43:05 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-06-08 18:42:57 1605632 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2018-06-08 18:42:50 3999232 ----a-w- C:\WINDOWS\System32\UIRibbon.dll
2018-06-08 18:42:39 3653120 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-06-08 18:42:21 2084864 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2018-06-08 18:42:01 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-06-08 18:41:45 878080 ----a-w- C:\WINDOWS\System32\CPFilters.dll
2018-06-08 18:41:22 182272 ----a-w- C:\WINDOWS\System32\easwrt.dll
2018-06-08 18:41:13 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-06-08 18:41:06 2019840 ----a-w- C:\WINDOWS\System32\ResetEngine.dll
2018-06-08 18:41:02 1180672 ----a-w- C:\WINDOWS\System32\reseteng.dll
2018-06-08 18:40:48 465920 ----a-w- C:\WINDOWS\System32\DXP.dll
2018-06-08 17:04:16 1454024 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-06-08 16:58:40 917408 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2018-06-08 16:50:10 1508352 ----a-w- C:\WINDOWS\SysWow64\msdt.exe
2018-06-08 16:47:51 231936 ----a-w- C:\WINDOWS\SysWow64\wlidcredprov.dll
2018-06-08 16:47:50 1032704 ----a-w- C:\WINDOWS\SysWow64\XpsPrint.dll
2018-06-08 16:47:31 2895872 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-06-08 16:47:30 3492864 ----a-w- C:\WINDOWS\SysWow64\UIRibbon.dll
2018-06-08 16:47:19 703488 ----a-w- C:\WINDOWS\SysWow64\CPFilters.dll
2018-06-08 16:47:12 1462784 ----a-w- C:\WINDOWS\SysWow64\dui70.dll
2018-06-08 16:46:55 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll
2018-06-08 16:46:41 2016256 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2018-06-08 16:46:35 3444224 ----a-w- C:\WINDOWS\SysWow64\mstsc.exe
2018-06-08 16:45:51 2401280 ----a-w- C:\WINDOWS\SysWow64\AcGenral.dll
2018-06-08 16:06:33 976384 ----a-w- C:\WINDOWS\System32\Spectrum.exe
2018-06-08 16:05:59 944640 ----a-w- C:\WINDOWS\System32\Windows.Mirage.Internal.dll
2018-06-08 16:05:24 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-06-08 14:00:19 658432 ----a-w- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
2018-06-08 14:00:16 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-06-08 10:38:23 5821544 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2018-06-08 10:37:27 2417840 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2018-06-08 10:35:52 613144 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2018-06-08 10:35:09 1613200 ----a-w- C:\WINDOWS\System32\D3D12.dll
2018-06-08 10:34:40 748512 ----a-w- C:\WINDOWS\System32\dxgi.dll
2018-06-08 10:34:21 1299056 ----a-w- C:\WINDOWS\SysWow64\D3D12.dll
2018-06-08 10:31:54 3180176 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-06-08 10:31:39 7900984 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2018-06-08 10:31:08 29600 ----a-w- C:\WINDOWS\System32\drivers\uefi.sys
2018-06-08 10:30:11 705440 ----a-w- C:\WINDOWS\System32\drivers\vhdmp.sys
2018-06-08 09:34:40 1140576 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-06-08 09:34:11 983016 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-06-08 09:33:58 1034632 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-06-08 09:33:53 1213368 ----a-w- C:\WINDOWS\System32\ClipUp.exe
2018-06-08 09:33:24 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-06-08 09:33:22 269224 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-06-08 09:31:16 226720 ----a-w- C:\WINDOWS\System32\drivers\Ucx01000.sys
2018-06-08 09:31:07 1012640 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-06-08 09:31:00 1174432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-06-08 09:29:47 1026976 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-06-08 09:12:12 786176 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2018-06-08 09:12:04 861616 ----a-w- C:\WINDOWS\SysWow64\msmpeg2adec.dll
2018-06-08 09:11:59 550616 ----a-w- C:\WINDOWS\SysWow64\mf.dll
2018-06-08 09:11:05 1461744 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2018-06-08 09:10:39 97176 ----a-w- C:\WINDOWS\SysWow64\bcrypt.dll
2018-06-08 09:10:35 2479272 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2018-06-08 09:10:32 880152 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2018-06-08 09:10:31 457152 ----a-w- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
2018-06-08 09:10:30 1988072 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-06-08 09:10:25 2331584 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2018-06-08 09:10:19 1397200 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
2018-06-08 09:10:09 2307336 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2018-06-08 09:10:03 1011992 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2018-06-08 09:04:02 4706816 ----a-w- C:\WINDOWS\System32\cdp.dll
2018-06-08 09:03:35 22005760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-06-08 09:03:34 38400 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryCore.dll
2018-06-08 09:03:14 32256 ----a-w- C:\WINDOWS\System32\drivers\mskssrv.sys
2018-06-08 09:03:12 185344 ----a-w- C:\WINDOWS\System32\InstallServiceTasks.dll
2018-06-08 09:03:07 906752 ----a-w- C:\WINDOWS\System32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-08 09:02:51 96768 ----a-w- C:\WINDOWS\System32\usoapi.dll
2018-06-08 09:02:35 59904 ----a-w- C:\WINDOWS\System32\edpnotify.exe
2018-06-08 09:02:00 35840 ----a-w- C:\WINDOWS\System32\TokenBrokerCookies.exe
2018-06-08 09:01:56 182272 ----a-w- C:\WINDOWS\System32\BitLockerCsp.dll
2018-06-08 09:01:54 342528 ----a-w- C:\WINDOWS\System32\browserexport.exe
2018-06-08 09:01:46 46080 ----a-w- C:\WINDOWS\System32\tbauth.dll
2018-06-08 09:01:36 46080 ----a-w- C:\WINDOWS\System32\drivers\hidparse.sys
2018-06-08 09:01:30 295424 ----a-w- C:\WINDOWS\System32\FSClient.dll
.
============= FINISH: 15:28:42.52 ===============

Attached Files
File Type: txt Attach.txt (12.0 KB)

Possible Ransomware problem

Had been victim of ransomware and subsequent "refund" scam. Gave remote control both times. I want to see if anything was installed that could be used against me in the future. DDS text content follows. Attach.txt is available if you request it.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by Carolyn at 11:12:54 on 2018-06-08
Microsoft Windows 10 Pro 10.0.17134.0.1252.1.1033.18.16281.11481 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security *Enabled/Updated* {E3FDBD9F-8140-1400-F32B-8B58923F7C4D}
SP: Norton Security *Enabled/Updated* {589C5C7B-A77A-1B8E-C99B-B02AE9B836F0}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Security *Enabled* {DBC63CBA-CB2F-1558-D874-226D6CEC3B36}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s CscService
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
C:\Program Files\IDT\WDM\STacSV64.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s wlidsvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
C:\WINDOWS\system32\fpCSEvtSvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe
C:\WINDOWS\system32\ibtsiva.exe
C:\Program Files (x86)\Canon\IJPLM\IJPLMSVC.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\Program Files\Intel\iCLS Client\HeciServer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Norton Security\Engine\22.14.0.54\NortonSecurity.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k netsvcs -s SCPolicySvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\Windows\system32\vcsFPService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\system32\wbem\unsecapp.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Program Files\iPod\bin\iPodService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\System32\svchost.exe -k NetworkService -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k netsvcs -p -s AppMgmt
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\taskhostw.exe
c:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\AMD\CNext\CNext\RadeonSettings.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\25.252.303.31\crashpad_handler.exe
C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\WINDOWS\splwow64.exe
C:\Program Files (x86)\Norton Security\Engine\22.14.0.54\NortonSecurity.exe
C:\Program Files (x86)\Adobe\Adobe Sync\Coresync\Coresync.exe
C:\Program Files (x86)\Canon\Quick Menu\CNQMUPDT.EXE
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud Experience\libs\node.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\CCLibrary.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCLibrary\libs\node.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\AMD\CNext\CCCSlim\MOM.exe
C:\Program Files (x86)\AMD\CNext\CCCSlim\CCC.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\SyncServer.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9330.20915.0_x64__8wekyb3d8bbwe\HxTsr.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wisvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://mail.google.com/mail/u/0/#inbox
uSearch Bar = Preserve
uProxyOverride = <-loopback>;*.local
BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexbho.dll
BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine32\22.14.0.54\coIEPlg.dll
BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\CoIEPlg.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.14.0.54\coIEPlg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\CoIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine32\22.14.0.54\coIEPlg.dll
TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
EB: Canon Easy-WebPrint EX: {21347690-EC41-4F9A-8887-1F4AEE672439} - C:\Program Files (x86)\Canon\Easy-WebPrint EX\ewpexhlp.dll
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
uRun: [Google Update] C:\Users\Carolyn\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
uRun: [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\25.252.303.31\GoogleDriveFS.exe"
uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\QLBController.exe /start
mRun: [YouCam Tray] "C:\Program Files (x86)\CyberLink\YouCam\YouCamTray.exe" /s
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [IJNetworkScannerSelectorEX] C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe /FORCE
mRun: [CanonQuickMenu] C:\Program Files (x86)\Canon\Quick Menu\CNQMMAIN.EXE /logon
uPolicies-System: DisableTaskMgr = dword:1
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
Trusted Zone: aol.com
DPF: {1851174C-97BD-4217-A0CC-E908F60D5B7A} - hxxps://h50203.www5.hp.com/WCLWeb/cabs/HPISDataManager.CAB
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{5204D194-F868-44AA-B651-09FF4628CD6E} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{5204D194-F868-44AA-B651-09FF4628CD6E}\6496F435D24384746365 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg pku2u wsauth
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxp://www.google.com
x64-mWinlogon: Userinit = C:\WINDOWS\System32\userinit.exe
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Canon Easy-WebPrint EX BHO: {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll
x64-BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security\Engine\22.14.0.54\coIEPlg.dll
x64-BHO: Norton Identity Protection: {AB4C7833-A6EC-433f-B9FE-6B14B1A2F836} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\CoIEPlg.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll
x64-TB: Norton Identity Safe Toolbar: {A13C2648-91D4-4bf3-BC6D-0079707C4389} - C:\Program Files (x86)\Norton Identity Safe\Engine64\2014.7.0.43\CoIEPlg.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.14.0.54\coIEPlg.dll
x64-TB: Canon Easy-WebPrint EX: {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [BLEServicesCtrl] C:\Program Files (x86)\Intel\Bluetooth\BleServicesCtrl.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.79\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Carolyn\AppData\Roaming\Mozilla\Firefox\Profiles\f09vn2b7.default-1484678648481-1525640076348\
FF - prefs.js: browser.startup.homepage - hxxps://mail.google.com/mail/u/0/#inbox
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\Users\Carolyn\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Users\Carolyn\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2014-12-1 36608]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-5-29 646408]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2018-4-11 304032]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\NGCx64\160E000.036\symefasi64.sys [2018-4-19 1942096]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-4-11 72232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\BASHDefs\20180606.001\BHDrvx64.sys [2018-6-7 1879632]
R1 ccSet_NGC;NGC Settings Manager;C:\WINDOWS\System32\drivers\NGCx64\160E000.036\ccsetx64.sys [2018-4-19 187544]
R1 ccSet_NST;Norton Identity Safe Settings Manager;C:\WINDOWS\System32\drivers\NSTx64\7DE07000.02B\ccSetx64.sys [2014-3-28 162392]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 googledrivefs2356;googledrivefs2356;C:\WINDOWS\System32\drivers\googledrivefs2356.sys [2018-5-13 110960]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Security\NortonData\22.8.1.14\Definitions\IPSDefs\20180607.061\IDSvia64.sys [2018-6-7 1298000]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NGCx64\160E000.036\ironx64.sys [2018-4-19 307792]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NGCx64\160E000.036\symnets.sys [2018-4-19 566936]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-4-24 818128]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-8-23 2128872]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2018-4-21 543112]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-4-27 83768]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_b9ab10a;Connected Devices Platform User Service_b9ab10a;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-7-20 8652976]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 fpCsEvtSvc;fpCsEvtSvc;C:\WINDOWS\System32\fpCSEvtSvc.exe [2017-8-9 22528]
R2 hpHotkeyMonitor;hpHotkeyMonitor;C:\Program Files (x86)\Hewlett-Packard\HP Hotkey Support\HPHotkeyMonitor.exe [2014-5-16 683296]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-9-28 332656]
R2 HPTouchpointAnalyticsService;HP Touchpoint Analytics;C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [2017-11-18 332216]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-5-22 18672]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2015-9-23 373760]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-8-27 747520]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2017-1-21 131544]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-1-21 169432]
R2 NCO;Norton Identity Safe;C:\Program Files (x86)\Norton Identity Safe\Engine\2014.7.0.43\NST.exe [2014-3-28 130104]
R2 NortonSecurity;Norton Security;C:\Program Files (x86)\Norton Security\Engine\22.14.0.54\nortonsecurity.exe [2018-4-19 328712]
R2 OneSyncSvc_b9ab10a;Sync Host_b9ab10a;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-4-11 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-12-14 256168]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 valWBFPolicyService;Synaptics FP WBF Policy Service;C:\WINDOWS\System32\valWBFPolicyService.exe [2017-8-9 82944]
R2 vcsFPService;Validity VCS Fingerprint Service;C:\WINDOWS\System32\vcsFPService.exe [2013-9-12 3221392]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_b9ab10a;Windows Push Notifications User Service_b9ab10a;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2018-4-21 110088]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\WINDOWS\System32\drivers\e1d65x64.sys [2016-1-23 548848]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2018-3-8 153168]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2017-3-9 230656]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\WINDOWS\System32\drivers\ISCTD64.sys [2016-7-26 47008]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2018-4-11 3485696]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_b9ab10a;Contact Data_b9ab10a;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\WINDOWS\System32\drivers\RtsPer.sys [2015-5-14 751632]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-8-29 51880]
R3 SPUVCbv;SPUVCb Driver Service;C:\WINDOWS\System32\drivers\SPUVCBv64.sys [2017-2-23 1063520]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_b9ab10a;User Data Storage_b9ab10a;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 usb3Hub;UoIP Hub;C:\WINDOWS\System32\drivers\usb3Hub.sys [2013-6-20 206744]
R3 UserDataSvc_b9ab10a;User Data Access_b9ab10a;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2018-2-2 34960]
R3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2018-4-11 25088]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NGCx64\160E000.036\symelam.sys [2018-4-19 24608]
S2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2016-7-18 1202216]
S2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2016-7-18 1722408]
S2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2016-7-18 1161256]
S2 HP LaserJet Service;HP LaserJet Service;C:\Program Files (x86)\HP\HPLaserJetService\HPLaserJetService.exe [2012-5-2 164864]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-1-16 317400]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2018-4-11 127384]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2018-4-11 162712]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2018-4-11 143768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2018-4-11 51288]
S3 BcastDVRUserService_b9ab10a;GameDVR and Broadcast User Service_b9ab10a;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_b9ab10a;Bluetooth User Support Service_b9ab10a;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 btmhsf;btmhsf;C:\WINDOWS\System32\drivers\btmhsf.sys [2016-4-27 1545704]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 CaptureService_b9ab10a;CaptureService_b9ab10a;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevicePickerUserSvc_b9ab10a;DevicePicker_b9ab10a;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_b9ab10a;DevicesFlow_b9ab10a;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HP DS Service;HP DS Service;C:\Program Files (x86)\HP\HPBDSService\HPBDSService.exe [2011-10-17 13824]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]

[SOLVED] Possible Rootkit

Hi, guys! I might have a problem here. I've been trying to fix it since last night, but haven't had any luck. My issue is probably a little complex, because it could be a little "old", but I'll try to explain everything.

1. 1-2 months ago I had a problem with my Windows. It started to freeze to a horrible level. Just so you have an idea, I took like 8 hours just to turn it off. I decided to format it, and it wouldn't let me go back to the last image, so I ended up formatting it to the moment when I bought it. This problem with getting back to the last image might be important soon enough.

2. Last night I was in one of my neurotic moments and decided to "profoundly scan" my notebook with my AVG. It found a rootkit (or so it says) in my Windows.old folder. It's a hidden file. I can't even open this specific folder where the rootkit is. Just in case you need it, the path to it is: C:\Windows.old\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.8830.7600.0_x64__8wekyb3d8bbwe\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\OFFREL.DLL

3. Here's the catch: Months ago, I seemed to have had an OS and/or HD problem. I couldn't even go back to my last image. And now, the way I see it, the problem seems to be either a true rootkit problem, or an OS/HD problem still. I actually don't know. My area is not security, and I still don't have a lot of experience with development (which is my area) as well, so I'm kind of at a loss here.

4. What I did try was to scan in every way with AVG (it's never able to do anything with the file), I tried to delete the Windows.old folder with the cleanmgr thing (the folder doesn't even show up; it doesn't matter if I open the tool as an administrator or open it normally and then ask for it to show old Windows files), I tried to run the OTL tool (it doesn't do anything; I think I tried twice), I tried to take control of the folder with cmd and then delete it (I manage to get partial control of it, or so the cmd says, but then I can't delete it, because it says the folders inside it are not empty, which is odd, because the folder size is 0 when I check it). In short: nothing is working.

5. Guys, I feel like I should tell you this. I tried to use the DDS as the rules tell me to, but it has a compatibility issue. Basically the link on the rules thread isn't that of a DDS for my version. So I'd be thankful if you guys could direct me to a DDS download link, so I can search for my version there. I searched a lot here in the forums, but couldn't find it. As soon as I can get it running on my notebook, I'll post the texts generated by it.

I thank you already!

Suspected Malware

Hi,

Since the last few hours, I have observed the following:-

a) When I try to access the internet over my home WiFi from my iPhone, I get a message stating that I need to re-login to my Apple ID. When I enter my login credentials I get taken to a page (routed by gstatic.com) which asks me to input my credit card details including 3D secure details and also my internet banking credentials.

b) This only occurs when I try and browse; already installed apps like Netflix continue to work fine. However, browsing is not possible.

c) When I try and browse directly on my Chrome browser on my iPhone I get a message that "Your connection is not private" with the narration of NET::ERR_CERT_AUTHORITY_INVALID

d) When I try to browse through my HP laptop too on Google I get an SSL error.

e) However, when I try and surf on any of my devices through mobile data (tethering) it all works fine.

Any idea on what's going on? And how do I solve this?

Malware 844 779 1333

I suspect this is malware. Screen suggests I call 844-779-1333.
This is running on my wife's computer, but I'm communicating here from my own virus-free computer. Your usual generous help will be much appreciated.


Here is DDS.scr

LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Jane Hall\AppData\Roaming\Mozilla\Firefox\Profiles\h8eohr4i.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.ca/
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-4-11 72232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_10ec2be9;Connected Devices Platform User Service_10ec2be9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2017-11-21 152536]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2017-10-20 365040]
R2 Killer Network Service;Killer Network Service;C:\WINDOWS\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2018-3-6 2327488]
R2 MBAMScheduler;MBAMScheduler;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [2018-4-12 452576]
R2 MBAMService;MBAMService;C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [2018-4-12 901088]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-4-11 462968]
R2 OneSyncSvc_10ec2be9;Sync Host_10ec2be9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-4-11 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_10ec2be9;Windows Push Notifications User Service_10ec2be9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 ETD;ELAN Input Device;C:\WINDOWS\System32\drivers\ETD.sys [2017-11-21 603208]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2017-8-10 232976]
R3 KillerEth;NDIS Miniport Driver for Killer PCI-E Gigabit Ethernet Controller;C:\WINDOWS\System32\drivers\e2xw10x64.sys [2018-4-11 145920]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMProtector;MBAMProtector;C:\WINDOWS\System32\drivers\mbam.sys [2018-4-12 27008]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2018-4-11 3485696]
R3 RfeCoSvc;RfeCoSvc;C:\WINDOWS\System32\drivers\RivetNetworks\Killer\RfeCo10X64.sys [2018-3-6 141480]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\WINDOWS\System32\drivers\RtsPer.sys [2015-9-23 761600]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-13 29600]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-6-27 59944]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1806.18062-0\NisSrv.exe [2018-6-27 3925648]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 BcastDVRUserService_10ec2be9;GameDVR and Broadcast User Service_10ec2be9;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_10ec2be9;Bluetooth User Support Service_10ec2be9;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevicePickerUserSvc_10ec2be9;DevicePicker_10ec2be9;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_10ec2be9;DevicesFlow_10ec2be9;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-11-2 491088]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_10ec2be9;MessagingService_10ec2be9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PimIndexMaintenanceSvc_10ec2be9;Contact Data_10ec2be9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_10ec2be9;PrintWorkflow_10ec2be9;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-6-13 1921952]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-6-13 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-4-11 128416]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-13 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-10 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-4-11 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UnistoreSvc_10ec2be9;User Data Storage_10ec2be9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 UserDataSvc_10ec2be9;User Data Access_10ec2be9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-13 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-4-11 292864]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-07-03 18:26:35 -------- d-----w- C:\Users\Jane Hall\AppData\Local\D3DSCache
2018-07-03 17:44:15 14756216 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B18B517B-997D-4995-AEE7-762D2B18F48F}\mpengine.dll
2018-07-02 19:15:58 14756216 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-06-21 01:31:17 -------- d-----w- C:\ProgramData\Packages
2018-06-13 12:30:59 3999232 ----a-w- C:\WINDOWS\System32\UIRibbon.dll
2018-06-10 04:35:07 -------- d-----w- C:\WINDOWS\System32\Microsoft
2018-06-10 04:35:07 -------- d-----w- C:\WINDOWS\ServiceProfiles
2018-06-10 04:28:47 82432 ----a-w- C:\WINDOWS\SysWow64\XPSSHHDR.dll
2018-06-10 04:28:47 575488 ----a-w- C:\WINDOWS\SysWow64\XpsFilt.dll
2018-06-10 04:28:47 3398144 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe
2018-06-10 04:28:46 925696 ----a-w- C:\WINDOWS\System32\XpsFilt.dll
2018-06-10 04:28:46 4492288 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe
2018-06-10 04:28:46 100352 ----a-w- C:\WINDOWS\System32\XPSSHHDR.dll
2018-06-10 01:00:28 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2018-06-10 00:59:22 -------- d-----w- C:\ProgramData\RivetNetworks
2018-06-10 00:59:18 -------- d-----w- C:\WINDOWS\System32\drivers\RivetNetworks\Killer
2018-06-10 00:59:18 -------- d-----w- C:\WINDOWS\System32\drivers\RivetNetworks
2018-06-10 00:57:17 -------- d-sh--we C:\ProgramData\Documents
2018-06-10 00:57:17 -------- d-sh--w- C:\Recovery
2018-06-10 00:46:09 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2018-06-10 00:46:09 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2018-06-10 00:41:53 -------- d-----w- C:\ProgramData\USOShared
2018-06-10 00:41:23 2752000 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2018-06-10 00:41:16 95216 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2018-06-10 00:41:16 91120 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2018-06-10 00:39:17 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2018-06-10 00:38:42 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2018-06-06 19:51:15 -------- dc----w- C:\WINDOWS\Panther
.
==================== Find3M ====================
.
2018-07-03 17:39:57 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-06-27 04:23:49 59944 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-06-27 04:23:49 46592 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-06-27 04:23:49 340008 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-06-13 12:34:33 133315992 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-06-10 00:41:14 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-06-08 19:07:06 506184 ----a-w- C:\WINDOWS\System32\systemreset.exe
2018-06-08 19:05:19 94112 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2018-06-08 19:02:55 661160 ----a-w- C:\WINDOWS\System32\GenValObj.exe
2018-06-08 19:02:48 4527680 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-06-08 19:02:19 1634808 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-06-08 19:01:11 1046944 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2018-06-08 18:48:47 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-06-08 18:47:25 144384 ----a-w- C:\WINDOWS\System32\drivers\mrxdav.sys
2018-06-08 18:46:37 584192 ----a-w- C:\WINDOWS\System32\UIRibbonRes.dll
2018-06-08 18:45:54 4392448 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2018-06-08 18:45:53 808960 ----a-w- C:\WINDOWS\System32\MBR2GPT.EXE
2018-06-08 18:45:39 1560576 ----a-w- C:\WINDOWS\System32\msdt.exe
2018-06-08 18:44:44 285184 ----a-w- C:\WINDOWS\System32\wlidcredprov.dll
2018-06-08 18:44:40 340992 ----a-w- C:\WINDOWS\System32\AcGenral.dll
2018-06-08 18:44:27 625152 ----a-w- C:\WINDOWS\System32\BootMenuUX.dll
2018-06-08 18:44:03 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-06-08 18:43:24 1719808 ----a-w- C:\WINDOWS\System32\dui70.dll
2018-06-08 18:43:20 1659904 ----a-w- C:\WINDOWS\System32\XpsPrint.dll
2018-06-08 18:43:15 2922496 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
2018-06-08 18:43:11 3640832 ----a-w- C:\WINDOWS\System32\mstsc.exe
2018-06-08 18:43:06 1543680 ----a-w- C:\WINDOWS\System32\msdtctm.dll
2018-06-08 18:43:05 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-06-08 18:42:57 1605632 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2018-06-08 18:42:39 3653120 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-06-08 18:42:21 2084864 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2018-06-08 18:42:01 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-06-08 18:41:45 878080 ----a-w- C:\WINDOWS\System32\CPFilters.dll
2018-06-08 18:41:22 182272 ----a-w- C:\WINDOWS\System32\easwrt.dll
2018-06-08 18:41:13 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-06-08 18:41:06 2019840 ----a-w- C:\WINDOWS\System32\ResetEngine.dll
2018-06-08 18:41:02 1180672 ----a-w- C:\WINDOWS\System32\reseteng.dll
2018-06-08 18:40:48 465920 ----a-w- C:\WINDOWS\System32\DXP.dll
2018-06-08 17:04:16 1454024 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-06-08 16:58:40 917408 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2018-06-08 16:50:10 1508352 ----a-w- C:\WINDOWS\SysWow64\msdt.exe
2018-06-08 16:47:51 231936 ----a-w- C:\WINDOWS\SysWow64\wlidcredprov.dll
2018-06-08 16:47:50 1032704 ----a-w- C:\WINDOWS\SysWow64\XpsPrint.dll
2018-06-08 16:47:31 2895872 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-06-08 16:47:30 3492864 ----a-w- C:\WINDOWS\SysWow64\UIRibbon.dll
2018-06-08 16:47:19 703488 ----a-w- C:\WINDOWS\SysWow64\CPFilters.dll
2018-06-08 16:47:12 1462784 ----a-w- C:\WINDOWS\SysWow64\dui70.dll
2018-06-08 16:46:55 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll
2018-06-08 16:46:41 2016256 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2018-06-08 16:46:35 3444224 ----a-w- C:\WINDOWS\SysWow64\mstsc.exe
2018-06-08 16:45:51 2401280 ----a-w- C:\WINDOWS\SysWow64\AcGenral.dll
2018-06-08 16:06:33 976384 ----a-w- C:\WINDOWS\System32\Spectrum.exe
2018-06-08 16:05:59 944640 ----a-w- C:\WINDOWS\System32\Windows.Mirage.Internal.dll
2018-06-08 16:05:24 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-06-08 14:00:19 658432 ----a-w- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
2018-06-08 14:00:16 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-06-08 10:38:23 5821544 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2018-06-08 10:37:27 2417840 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2018-06-08 10:35:52 613144 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2018-06-08 10:35:09 1613200 ----a-w- C:\WINDOWS\System32\D3D12.dll
2018-06-08 10:34:40 748512 ----a-w- C:\WINDOWS\System32\dxgi.dll
2018-06-08 10:34:21 1299056 ----a-w- C:\WINDOWS\SysWow64\D3D12.dll
2018-06-08 10:31:54 3180176 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-06-08 10:31:39 7900984 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2018-06-08 10:31:08 29600 ----a-w- C:\WINDOWS\System32\drivers\uefi.sys
2018-06-08 10:30:11 705440 ----a-w- C:\WINDOWS\System32\drivers\vhdmp.sys
2018-06-08 09:34:40 1140576 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-06-08 09:34:11 983016 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-06-08 09:33:58 1034632 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-06-08 09:33:53 1213368 ----a-w- C:\WINDOWS\System32\ClipUp.exe
2018-06-08 09:33:24 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-06-08 09:33:22 269224 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-06-08 09:31:16 226720 ----a-w- C:\WINDOWS\System32\drivers\Ucx01000.sys
2018-06-08 09:31:07 1012640 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-06-08 09:31:00 1174432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-06-08 09:29:47 1026976 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-06-08 09:13:12 25846784 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-06-08 09:12:12 786176 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2018-06-08 09:12:04 861616 ----a-w- C:\WINDOWS\SysWow64\msmpeg2adec.dll
2018-06-08 09:11:59 550616 ----a-w- C:\WINDOWS\SysWow64\mf.dll
2018-06-08 09:11:05 1461744 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2018-06-08 09:10:39 97176 ----a-w- C:\WINDOWS\SysWow64\bcrypt.dll
2018-06-08 09:10:35 2479272 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2018-06-08 09:10:32 880152 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2018-06-08 09:10:31 457152 ----a-w- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
2018-06-08 09:10:30 1988072 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-06-08 09:10:25 2331584 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2018-06-08 09:10:19 1397200 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
2018-06-08 09:10:09 2307336 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2018-06-08 09:10:03 1011992 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2018-06-08 09:04:02 4706816 ----a-w- C:\WINDOWS\System32\cdp.dll
2018-06-08 09:03:35 22005760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-06-08 09:03:34 38400 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryCore.dll
2018-06-08 09:03:14 32256 ----a-w- C:\WINDOWS\System32\drivers\mskssrv.sys
2018-06-08 09:03:12 185344 ----a-w- C:\WINDOWS\System32\InstallServiceTasks.dll
2018-06-08 09:03:07 906752 ----a-w- C:\WINDOWS\System32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-08 09:02:51 96768 ----a-w- C:\WINDOWS\System32\usoapi.dll
2018-06-08 09:02:35 59904 ----a-w- C:\WINDOWS\System32\edpnotify.exe
2018-06-08 09:02:00 35840 ----a-w- C:\WINDOWS\System32\TokenBrokerCookies.exe
2018-06-08 09:01:56 182272 ----a-w- C:\WINDOWS\System32\BitLockerCsp.dll
.
============= FINISH: 14:36:15.83 ===============

Attached Files
File Type: txt attach.txt (4.7 KB)

I found a new virus not detected by any anti virus. Objectinstaller

Nothing detects this yet.

Not malwarebytes

Not ADW

Not Win defender

No antivirus programs

The process creates a C:\Program Files\ObjectInstallerService folder containing a data file and objectinstaller.exe

This is a delayed service in Windows services.

The .exe file is a self extracting executable.

It creates a Tor folder in program files.

Examining the contents of the zip without executing it lists a number of files, one of which contains the following string.

The executable strings include:



A p p D a t a G P U R i s e g p u r i s e . z i p !G P U R i s e A g e n t . e x e s e r v i c e 2 o t h e r p a y l o a d 2 . z i p s t a r t _ m i n 1\ O b j e c t I n s t a l l e r S e r v i c e \ W/ C c h o i c e / C Y / N / D Y / T 8 & r m d i r / Q / S " " c m d . e x e [S o f t w a r e \ M i c r o s o f t \ W i n d o w s \ C u r r e n t V e r s i o n \ R u n 1 2 7 . 0 . 0 . 1 -m j o 7 m w 3 q 4 m t g s i k z . o n i o n G E T / ۇ H T T P / 1 . 1

H o s t : m j o 7 m w 3 q 4 m t g s i k z . o n i o n

C o n n e c t i o n : k e e p - a l i v e

A c c e p t : t e x t / h t m l

U s e r - A g e n t : g p u b o o s t 0 . 1







7\

C o n t e n t - L e n g t h : ( . * ? ) \

X 2 d e s k t o p
l a p t o p ;s e l e c t * f r o m W i n 3 2 _ P r o c e s s o r Gs e l e c t * f r o m W i n 3 2 _ V i d e o C o n t r o l l e r r o o t \ C I M V 2 iS E L E C T T o t a l P h y s i c a l M e m o r y F R O M W i n 3 2 _ C o m p u t e r S y s t e m 'T o t a l P h y s i c a l M e m o r y n a m e A d a p t e r R A M
n v i d i a a m d N u m b e r O f C o r e s SS E L E C T C a p t i o n F R O M W i n 3 2 _ O p e r a t i n g S y s t e m / u p l o a d / i n s t a l l !P O S T / u p l o a d H T T P / 1 . 1

H o s t : m j o 7 m w 3 q 4 m t g s i k z . o n i o n

C o n n e c t i o n : k e e p - a l i v e

A c c e p t : t e x t / h t m l

C o n t e n t - t y p e : a p p l i c a t i o n / j s o n

C o n t e n t - L e n g t h : 7

U s e r - A g e n t : m i n e r 0 . 1



g e f o r c e
r a d e o n QB a d r e s p o n s e r e c e i v e d f r o m p r o x y s e r v e r . 1A u t h e n t i c a t i o n r e q u i r e d . CO p e r a t i o n c o m p l e t e d s u c c e s s f u l l y . ;G e n e r a l S O C K S s e r v e r f a i l u r e . EC o n n e c t i o n n o t a l l o w e d b y r u l e s e t . )N e t w o r k u n r e a c h a b l e . #H o s t u n r e a c h a b l e . 'C o n n e c t i o n r e f u s e d . T T L e x p i r e d . -C o m m a n d n o t s u p p o r t e d . 7A d d r e s s t y p e n o t s u p p o r t e d . U n k n o w n e r r o r . t o r t o r . e x e t o r . z i p MT o r h a s s u c c e s s f u l l y o p e n e d a c i r c u i t . \ T o r \ X = Y = E n t e r X O f f s e t X O f f s e t 1 'W r o n g P a r a m e t e r s . . . E n t e r Y O f f s e t Y O f f s e t %p i c t u r e L e v e l . I m a g e p i c t u r e L e v e l
p R i g h t p L e f t p S e l e c t e d l i s t m e n u m e n u S t r i p 1 +f i l e T o o l S t r i p M e n u I t e m F i l e m O p e n O p e n . . . m S a v e S a v e m S a v e A s S a v e a s . . . %t o o l S t r i p M e n u I t e m 1 m E x i t E x i t 1a c t i o n d T o o l S t r i p M e n u I t e m A c t i o n s Ao f f s e t X S e l e c t e d T o o l S t r i p M e n u I t e m !O f f s e t X S e l e c t e d Ao f f s e t Y S e l e c t e d T o o l S t r i p M e n u I t e m !O f f s e t Y S e l e c t e d -a b o u t T o o l S t r i p M e n u I t e m A b o u t P T o p P R e s t )M a r i o L e v e l s | * . x m l p B u t t o m
s t a t u s s t a t u s S t r i p 1
l a b e l x
l a b e l y
T a h o m a o b j e c t n a m e l a b e l $ t h i s . I c o n M a i n F o r m L e v e l E d i t o r . d l l c I n t c B o o l T r u e F a l s e
: X = , Y = . A r i a l l N a m e
l a b e l 1 c I n t 1 c I n t 2 c I n t 3
c B o o l 1
c B o o l 2
c B o o l 3
b C l o s e C l o s e b S a v e F o r m P a r a m s #O b j e c t P r o p e r t i e s / d a t a / u / I n s t a l l S e r v i c e -O b j e c t I n s t a l l e r S e r v i c e KM a r i o L e v e l E d i t o r . P r o p e r t i e s . R e s o u r c e s S e l e c t e d C a p t i o n





.onion is undeniably the Tor network. I believe it's a GPU miner. It mines bitcoin remotely by taking over your GPU.



I don't know how I got this or who to inform about this file.

I saved a .zip copy if anyone wants it.
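The spaced-out letters in the strings quoted above are what UTF-16LE text looks like in a byte-oriented viewer, and the stray leading characters are consistent with length-prefix bytes. The following is an added example, not part of the original post: it pulls such wide strings out of a buffer and flags the indicator types the post points to. The sample bytes, file name, user agent and placeholder .onion host are constructed, and the length-prefixed layout is an assumption about the file's format.

```python
import re

def wide_strings(blob, min_len=4):
    """Return printable UTF-16LE runs (ASCII char + 0x00) of at least min_len chars."""
    pattern = re.compile(rb"(?:[\x20-\x7e]\x00){%d,}" % min_len)
    return [m.group().decode("utf-16-le") for m in pattern.finditer(blob)]

# Indicator classes taken from what the post describes: a Tor hidden-service host,
# a Run-key path, WMI hardware inventory queries, raw HTTP requests, a custom agent.
ONION = re.compile(r"\b(?:[a-z2-7]{56}|[a-z2-7]{16})\.onion\b")
INDICATORS = {
    "tor_hidden_service": ONION,
    "run_key_persistence": re.compile(r"\\CurrentVersion\\Run\b", re.I),
    "wmi_hardware_query": re.compile(r"\bselect\s+.+?\s+from\s+Win32_\w+", re.I),
    "http_request_line": re.compile(r"^(?:GET|POST)\s+\S+\s+HTTP/1\.[01]"),
    "custom_user_agent": re.compile(r"^User-Agent:\s*\S"),
}

def triage(strings):
    """Map each indicator class to the extracted strings that match it."""
    hits = {}
    for s in strings:
        for name, rx in INDICATORS.items():
            if rx.search(s):
                hits.setdefault(name, []).append(s)
    return hits

def onion_hosts(strings):
    """Unique .onion hostnames, e.g. to feed a DNS or proxy blocklist."""
    return sorted({m.group() for s in strings for m in ONION.finditer(s)})

def us_entry(text):
    """Constructed helper: one entry as length byte + UTF-16LE text + flag byte.

    Assumed layout; it reproduces the stray prefix characters seen in the dump.
    """
    raw = text.encode("utf-16-le")
    if len(raw) + 1 > 0x7F:
        raise ValueError("sample entry too long for a one-byte length prefix")
    return bytes([len(raw) + 1]) + raw + b"\x00"

# Constructed sample buffer: a narrow (ASCII) stub string followed by wide entries.
SAMPLE = b"MZ\x90\x00This program cannot be run in DOS mode.\r\n" + b"".join(
    us_entry(t) for t in [
        "SampleAgent.exe",                                   # constructed name
        r"Software\Microsoft\Windows\CurrentVersion\Run",
        "GET / HTTP/1.1\r\nHost: abcdefghijklmnop.onion\r\n",  # placeholder host
        "User-Agent: sampleagent 0.1",                        # constructed agent
        "select * from Win32_VideoController",
        "X=",                                                 # below min_len
    ]
)

if __name__ == "__main__":
    found = wide_strings(SAMPLE)
    for name, matched in triage(found).items():
        print(f"{name}: {matched}")
    print("block candidates:", onion_hosts(found))
```

The narrow stub string is skipped because it has no interleaved zero bytes, and the HTTP request splits at each CRLF into separate lines.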

Scam about porn

I received an unusual email stating that they had access to my desktop through a virus installed while watching porn. It shows what appears to be a close enough password to a certain site (Avast?) and demands money or a video of the porn I watched is sent to all my contacts...

I don't really believe much of it, but would like to feel certain that there is no virus installed in the computer.

Thank you

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.161.2
Run by Camilo at 18:40:37 on 2018-07-12
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.6056.2114 [GMT 1:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Panda Protection *Disabled/Updated* {CF440CD9-5435-10B1-04E0-7768B6F10320}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Panda Protection *Disabled/Updated* {7425ED3D-720F-1F3F-3E50-4C1ACD76499D}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe
C:\Program Files\Elantech\ETDService.exe
C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\Program Files\Elantech\ETDCtrl.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\Explorer.EXE
C:\Program Files\Elantech\ETDTouch.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Program Files\Elantech\ETDCtrlHelper.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18052.10711.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Users\Camilo\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\POP Peeper\POPPeeper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\internet explorer\iexplore.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\OFFICE11\WINWORD.EXE
C:\WINDOWS\splwow64.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Program Files (x86)\Skype\Browser\SkypeBrowserHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.co.uk/?gws_rd=ssl
uLocal Page = %11%\blank.htm
BHO: AcroIEHlprObj Class: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files (x86)\Adobe\Acrobat 5.0\Reader\ActiveX\AcroIEHelper.ocx
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_161\bin\jp2ssv.dll
EB: F12 Developer Tools: {28BCCB9A-E66B-463C-82A4-09F320DE94D7} - C:\Windows\SysWOW64\F12\F12App.dll
uRun: [OneDrive] "C:\Users\Camilo\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [BingSvc] C:\Users\Camilo\AppData\Local\Microsoft\BingSvc\BingSvc.exe
uRun: [POP Peeper] "C:\Program Files (x86)\POP Peeper\POPPeeper.exe" -min
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [DelaypluginInstall] C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
mRun: [PSUAMain] "C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAMain.exe" /LaunchSysTray
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: MaxGPOScriptWait = dword:600
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
DPF: {7530BFB8-7293-4D34-9923-61A11451AFC5} - hxxp://download.eset.com/special/eos/OnlineScanner.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{11679750-d21a-44d1-8891-44048bbd542c} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{11679750-d21a-44d1-8891-44048bbd542c}\D454F4D2430353633473 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{8808ba8a-d705-48d3-a16e-dff1c958c936} : DHCPNameServer = 192.168.1.254
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
AppInit_DLLs= C:\WINDOWS\System32\DriverStore\FileRepository\nvsmwu.inf_amd64_40e2f893a8ddfad8\nvinit.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [ETDCtrl] C:\Program Files (x86)\Elantech\ETDCtrl.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [HotKeysCmds] "C:\WINDOWS\System32\hkcmd.exe"
x64-Run: [Persistence] "C:\WINDOWS\System32\igfxpers.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: MaxGPOScriptWait = dword:600
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Camilo\AppData\Roaming\Mozilla\Firefox\Profiles\1jggpe4f.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.co.uk/?gws_rd=ssl
FF - plugin: C:\Users\Camilo\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi-x64.dll
FF - plugin: C:\Users\Camilo\AppData\Local\SkypePlugin\7.32.6.278\npGatewayNpapi.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-12 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-12 58272]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\drivers\nvpciflt.sys [2017-1-17 48696]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-12 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-12 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-11 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-12 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-12 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-12 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-12 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-12 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-12 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-12 8192]
R1 NNSALPC;NNSALPC;C:\WINDOWS\System32\drivers\nnsalpc.sys [2017-4-7 106976]
R1 NNSHTTP;NNSHTTP;C:\WINDOWS\System32\drivers\nnshttp.sys [2017-4-7 211936]
R1 NNSHTTPS;NNSHTTPS;C:\WINDOWS\System32\drivers\nnshttps.sys [2017-4-7 121312]
R1 NNSIDS;NNSIDS;C:\WINDOWS\System32\drivers\nnsids.sys [2017-4-7 125920]
R1 NNSNAHSL;NNSNAHSL;C:\WINDOWS\System32\drivers\NNSNAHSL.sys [2017-3-17 89960]
R1 NNSPICC;NNSPICC;C:\WINDOWS\System32\drivers\nnspicc.sys [2017-4-7 118240]
R1 NNSPIHSW;NNSPIHSW;C:\WINDOWS\System32\drivers\nnspihsw.sys [2017-4-7 91104]
R1 NNSPOP3;NNSPOP3;C:\WINDOWS\System32\drivers\nnspop3.sys [2017-4-7 135648]
R1 NNSPROT;NNSPROT;C:\WINDOWS\System32\drivers\nnsprot.sys [2017-4-7 336352]
R1 NNSPRV;NNSPRV;C:\WINDOWS\System32\drivers\nnsprv.sys [2017-4-7 226272]
R1 NNSSMTP;NNSSMTP;C:\WINDOWS\System32\drivers\nnssmtp.sys [2017-4-7 123360]
R1 NNSSTRM;NNSSTRM;C:\WINDOWS\System32\drivers\nnsstrm.sys [2017-4-7 280032]
R1 NNSTLSC;NNSTLSC;C:\WINDOWS\System32\drivers\nnstlsc.sys [2017-4-7 125408]
R1 PSINKNC;PSINKNC;C:\WINDOWS\System32\drivers\PSINKNC.sys [2017-10-9 207328]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
R2 CDPUserSvc_76cd9;Connected Devices Platform User Service_76cd9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-12 414208]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-12 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-12 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
R2 ETDService;Elan Service;C:\Program Files\Elantech\ETDService.exe [2016-11-11 129752]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2015-12-20 333688]
R2 HPTouchpointAnalyticsService;HP Touchpoint Analytics;C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [2017-11-27 332216]
R2 NanoServiceMain;Panda Protection Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSANHost.exe [2017-7-19 109024]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-3-15 462784]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-4-6 458176]
R2 OneSyncSvc_76cd9;Sync Host_76cd9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R2 PandaAgent;Panda Devices Agent;C:\Program Files (x86)\Panda Security\Panda Devices Agent\AgentSvc.exe [2016-7-19 86104]
R2 PSINAflt;PSINAflt;C:\WINDOWS\System32\drivers\PSINAflt.sys [2017-10-9 179168]
R2 PSINFile;PSINFile;C:\WINDOWS\System32\drivers\PSINFile.sys [2017-10-9 140256]
R2 PSINProc;PSINProc;C:\WINDOWS\System32\drivers\PSINProc.sys [2017-10-9 133600]
R2 PSINProt;PSINProt;C:\WINDOWS\System32\drivers\PSINProt.sys [2017-10-9 146912]
R2 PSINReg;PSINReg;C:\WINDOWS\System32\drivers\PSINReg.sys [2017-10-9 117216]
R2 PSUAService;Panda Product Service;C:\Program Files (x86)\Panda Security\Panda Security Protection\PSUAService.exe [2017-7-19 48784]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-11 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-12 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-12 82432]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-12 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R2 WpnUserService_76cd9;Windows Push Notifications User Service_76cd9;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-12 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-12 51288]
R3 ETD;ELAN PS/2 Port Input Device;C:\WINDOWS\System32\drivers\ETD.sys [2016-11-11 589392]
R3 ETDSMBus;ETDSMBus;C:\WINDOWS\System32\drivers\ETDSMBus.sys [2015-8-5 32328]
R3 ibtfltcoex;Intel Corporation;C:\WINDOWS\System32\drivers\ibtfltcoex.sys [2016-4-1 77808]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]

Attached Files
File Type: txt attach.txt (7.4 KB)

Antivirus Customer help

I need customer support for Norton antivirus. Please help me find the tech support number for Norton antivirus.

AVG help

How can I contact the AVG antivirus support team?

AVG Antivirus and internet security

What is the comparison between AVG Antivirus and internet security?

RE: Ransomfree

Are these Ransomfree files? It's one of two folders. Just wondering because I have not seen bait files in the <My Documents> folder before.
https://i65.tinypic.com/295qr83.png

For some reason, our office techs cannot get Sophos running on my machine so I had to rely on Sandboxie and MBAM, and browsing best practices. While lurking in this forum, I ran across the Ransomfree thread a while back, so I installed that too. But after seeing these folders today, I decided to install free Avast.

Neither Avast, MBAM, nor Adware Cleaner find any virus or malware. Can I assume my machine is clean? TIA.

suspicious program on my laptop and what is ransomware?

Hi, I am not sure if I am in the right section of this forum. Every time I log into my laptop, an idle buddy screen thing pops up on my right bottom screen and there appears to be no way to get rid of it or delete it from my laptop. What is that and how do I get it off my laptop? Also, what is ransomware?

Chrome searching Yahoo instead of Google (defaulted)

This is so strange. I'm not computer illiterate, just throwing out there. I know my way around settings and whatnot.

So I'm using Google Chrome. I want to have it set where when I type something in the top bar (URL bar) it will search using Google (if I didn't type in a web address). Well when I search something up there, the search result URL has "https://search.yahoo.com/......" instead of Google. Then when I go to Google.com and attempt to do a google search, once again the result will be "https://search.yahoo.com/....". As far as I know, Yahoo didn't buy out Google.

So when I go to my Chrome settings, "Search engine used in the address bar" is set to Google. Under "Manage search engines" the only result I left is Google and it is set to "default". Below that in my settings it says "Google Chrome is your default browser" (not that this is really irrelevant).

I'm thinking this has to be some sort of adware or something. I'm unsure what I need to do to fix this issue. I hate Yahoo so this is really a peeve. Thanks for your time.
-C.S.

Recurring Daily - Windows Refocuses to Desktop at 12:00 (Midnight)

Win 10 Pro - Upgraded from Win 7

Hi guys, I have had an issue ever since I built this computer, but only at this point has it become much more of a nuisance.

Problem: At midnight each day, if I am working/using an application in full screen mode (such as a full-screened game or movie), the system will automatically focus on the desktop. Think "ALT+TAB" but to desktop. The symptom does not occur for applications in windowed-fullscreen.

Troubleshooting:

  • Enabling & disabling the following showed no difference: "Task Scheduler Library -> Microsoft -> Windows -> Maintenance"
  • I do not have Dropbox or similar syncing software that requires some sort of pull from a cloud
  • Full scan performed with Malwarebytes + AdwCleaner and Windows Defender
  • Turning off focus assist. Turning on alarms only while turning off summary
  • Windows desktop customization option is not selected for matching my desktop background
  • Task Scheduler shows no items running at midnight

I have essentially followed all advice posted in my Win 10 help thread here: https://www.techsupportforum.com/for...ml#post7695040

There is suspicion that this is due to some malware - also in part from another user experience here: Stop desktop showing at midnight - [Solved] - Components

I do not have a Windows install CD, but I can readily create a Win 10 installation USB key.


Any help or suggestions or where to look is highly appreciated!


C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\InputMethod\CHS\ChsIME.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe
C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Logitech Gaming Software\LCore.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
C:\Program Files\Logitech Gaming Software\ArxApplets\Discord\logitechg_discord.exe
C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe
C:\Program Files\ShareX\ShareX.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18051.18420.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_1.16.1004.0_x64__8wekyb3d8bbwe\GameBar.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
svchost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mWinlogon: Userinit = C:\WINDOWS\System32\userinit.exe
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
uRun: [OneDrive] "C:\Users\squis\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [SendAnywhere] C:\Program Files (x86)\Send Anywhere\Send Anywhere.exe --tray
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
StartupFolder: C:\Users\squis\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ShareX.lnk - C:\Program Files\ShareX\ShareX.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{4819c6a7-3b09-4646-ba9a-43e1354b9935} : DHCPNameServer = 192.168.2.1 207.164.234.129
TCP: Interfaces\{531419f4-0591-40b5-8d4c-449a71d3612c} : NameServer = 208.67.222.222,208.67.220.220
TCP: Interfaces\{531419f4-0591-40b5-8d4c-449a71d3612c} : DHCPNameServer = 208.67.222.222 208.67.220.220
TCP: Interfaces\{580fc6f8-38d2-4c55-a4fa-cf424f8843e1} : DHCPNameServer = 192.168.42.129
TCP: Interfaces\{5dd26fc4-6669-40c1-9e0a-42b96559db66} : DHCPNameServer = 192.168.0.1
TCP: Interfaces\{afdb1cfb-e56a-4afd-939e-a8ca4b92130e} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: ExplorerWnd Helper: {10921475-03CE-4E04-90CE-E2E7EF20C814} - C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [NahimicVRSvc32] C:\Program Files\Nahimic\Nahimic VR\Foundation\NahimicVRSvc32.exe /start all
x64-Run: [NahimicVRSvc64] C:\Program Files\Nahimic\Nahimic VR\Foundation\x64\NahimicVRSvc64.exe /start all
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.99\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-7-11 9728]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2018-4-11 304032]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-10 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 amdpsp;AMD PSP Service;C:\WINDOWS\System32\drivers\amdpsp.sys [2017-6-12 239976]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2018-5-11 152688]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\WINDOWS\System32\drivers\HWiNFO64A.SYS [2017-5-7 27552]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2018-6-22 818128]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-2-27 2128872]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_4c36fd3;Connected Devices Platform User Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-5-5 8851496]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 IObitUnSvr;IObit Uninstaller Service;C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [2017-7-10 360736]
R2 LGCoreTemp;Logitech CPU Core Tempurature;C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys [2015-6-21 14184]
R2 LogiRegistryService;Logitech Gaming Registry Service;C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2018-5-7 206472]
R2 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MbamChameleon.sys [2018-7-8 191208]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-5-11 6541008]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-7-25 764456]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-7-25 764896]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-7-25 629800]
R2 OneSyncSvc_4c36fd3;Sync Host_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 Origin Web Helper Service;Origin Web Helper Service;C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-10-4 3000168]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-10 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 TeamViewer;TeamViewer 13;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2018-4-14 11293936]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_4c36fd3;Windows Push Notifications User Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 amdgpio2;AMD GPIO Client Driver;C:\WINDOWS\System32\drivers\amdgpio2.sys [2017-3-2 43400]
R3 amdgpio3;AMD GPIO Client Driver;C:\WINDOWS\System32\drivers\amdgpio3.sys [2016-8-13 24424]
R3 AMDPCIDev;AMD PCI;C:\WINDOWS\System32\drivers\AMDPCIDev.sys [2017-10-10 31592]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 BcastDVRUserService_4c36fd3;GameDVR and Broadcast User Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 CMUSBDAC;USB Audio Class 1.0 and 2.0 DAC Device Driver;C:\WINDOWS\System32\drivers\CMUSBDAC.sys [2016-11-30 3792904]
R3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\LGBusEnum.sys [2018-5-7 36496]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);C:\WINDOWS\System32\drivers\LGJoyXlCore.sys [2018-5-7 67736]
R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [2018-5-7 64280]
R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\WINDOWS\System32\drivers\LGVirHid.sys [2018-5-7 26008]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2018-7-8 114920]
R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2018-7-8 48360]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-6-26 253664]
R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2018-7-26 102632]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2018-7-25 69544]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2018-7-25 65792]
R3 Phosgene;FaceRig Virtual Camera;C:\WINDOWS\System32\drivers\Phosgene.sys [2017-8-15 34136]
R3 PimIndexMaintenanceSvc_4c36fd3;Contact Data_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2017-6-23 984032]
R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2017-8-27 14024]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-13 29600]
R3 UnistoreSvc_4c36fd3;User Data Storage_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_4c36fd3;User Data Access_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-7-31 61992]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [2018-7-31 3905952]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 amdkmcsp;AMD Kernel Mode CSP Service;C:\WINDOWS\System32\drivers\amdkmcsp.sys [2017-6-12 95080]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2018-4-11 127384]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2018-4-11 162712]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2018-4-11 143768]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2018-6-30 6875688]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_4c36fd3;Bluetooth User Support Service_4c36fd3;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 CaptureService_4c36fd3;CaptureService_4c36fd3;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 dc1-controller;Xbox Peripherals Driver;C:\WINDOWS\System32\drivers\dc1-controller.sys [2018-4-11 54272]
S3 DevicePickerUserSvc_4c36fd3;DevicePicker_4c36fd3;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_4c36fd3;DevicesFlow_4c36fd3;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 EasyAntiCheat;EasyAntiCheat;C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-3-18 774312]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 EQU8_tabg;EQU8_tabg;G:\Steam\steamapps\common\TotallyAccurateBattlegrounds\TotallyAccurateBattlegrounds_Data\Plugins\agent.x64.equ8.exe [2018-7-4 3444216]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GPU-Z;GPU-Z;C:\Users\squis\AppData\Local\Temp\GPU-Z.sys [2018-7-23 27008]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 I2cHkBurn;I2cHkBurn;C:\WINDOWS\System32\drivers\I2cHkBurn.sys [2017-5-8 41760]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 lvrs64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\drivers\lvrs64.sys [2012-10-26 351520]
S3 LVUVC64;@oem49.inf,%PID_082D_DD%(UVC);Logitech HD Pro Webcam C920(UVC);C:\WINDOWS\System32\drivers\lvuvc64.sys [2012-10-26 4758176]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_4c36fd3;MessagingService_4c36fd3;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-7-25 764456]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-7-29 30656]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2017-10-4 2120032]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_4c36fd3;PrintWorkflow_4c36fd3;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-10 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-10 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-4-11 128416]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-4-11 4737448]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-13 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-10 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-10 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-13 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-10 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-6-10 826776]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2018-4-11 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2018-4-11 1189376]
.
=============== File Associations ===============
.
FileExt: .txt: Applications\WINWORD.EXE="C:\Program Files (x86)\Microsoft Office\root\Office16\Winword.exe" /n "%1" [UserChoice] [default=edit - 'Open' doesn't exist]
ShellExec: MuseScore2.exe: open="C:\Program Files (x86)\MuseScore 2\bin\MuseScore.exe" "%1"
.
=============== Created Last 30 ================
.
2018-08-01 21:46:24 14834152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{08CB0D6E-D16D-414E-8C2A-A876FD1D4396}\mpengine.dll
2018-07-31 22:13:01 14834152 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-07-29 05:40:56 -------- d-----w- C:\Users\squis\AppData\Roaming\NVIDIA
2018-07-29 03:28:06 -------- d-----w- C:\Users\squis\AppData\Local\NVIDIA
2018-07-28 06:31:01 -------- d-----w- C:\AdwCleaner
2018-07-27 00:12:39 102632 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2018-07-26 02:58:08 -------- d-----w- C:\WINDOWS\Microsoft Antimalware
2018-07-26 00:21:11 -------- d-----w- C:\Users\squis\AppData\Local\NVIDIA Corporation
2018-07-26 00:17:26 2340392 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2018-07-26 00:17:26 1936424 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2018-07-26 00:17:26 1311784 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2018-07-26 00:16:48 132392 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2018-07-26 00:16:43 206760 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2018-07-26 00:16:43 185256 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2018-07-26 00:16:42 1951 ----a-w- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-07-26 00:16:41 -------- d-----w- C:\Program Files (x86)\VulkanRT
2018-07-26 00:16:16 -------- d-----w- C:\WINDOWS\System32\drivers\NVIDIA Corporation\Drs
2018-07-26 00:16:16 -------- d-----w- C:\WINDOWS\System32\drivers\NVIDIA Corporation
2018-07-26 00:10:45 83240 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2018-07-26 00:10:45 8186102 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2018-07-26 00:10:45 633984 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2018-07-26 00:10:45 5947328 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2018-07-26 00:10:45 450960 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2018-07-26 00:10:45 2612520 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2018-07-26 00:10:45 1767360 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2018-07-26 00:10:45 124200 ----a-w- C:\WINDOWS\System32\nvshext.dll
2018-07-26 00:10:35 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat
2018-07-26 00:10:33 552480 ----a-w- C:\WINDOWS\System32\OpenCL.dll
2018-07-26 00:10:33 456608 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
2018-07-26 00:10:18 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2018-07-25 23:20:26 -------- d-----w- C:\Users\squis\AppData\Local\PackageStaging
2018-07-25 23:10:30 -------- d-----w- C:\Program Files\Speccy
2018-07-25 22:57:04 95136 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpCom.dll
2018-07-25 22:57:04 95128 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpAsDesc.dll
2018-07-25 22:57:04 468888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\OfflineScannerShell.exe
2018-07-25 22:57:04 455656 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpCmdRun.exe
2018-07-25 22:57:04 444832 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpRes.dll
2018-07-25 22:57:04 391576 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpCommu.dll
2018-07-25 22:57:04 3284888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpSvc.dll
2018-07-25 22:57:04 156056 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\EppManifest.dll
2018-07-25 22:57:04 14232 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpLics.dll
2018-07-25 22:57:04 1283480 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsAsCui.exe
2018-07-25 22:57:04 105344 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MsMpEng.exe
2018-07-25 22:57:04 1034648 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Offline Scanner\MpClient.dll
2018-07-24 04:46:30 -------- d-----w- C:\Users\squis\AppData\Local\Sex_Simulator
2018-07-22 18:51:04 471120 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2018-07-22 18:50:04 31312 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2018-07-22 18:36:58 213584 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2018-07-22 16:14:54 84736 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Word.HostAdapter.v10.0.dll
2018-07-22 16:14:54 78592 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Excel.HostAdapter.v10.0.dll
2018-07-22 16:14:54 64240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.HostAdapter.v10.0.dll
2018-07-22 16:14:54 42248 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Office.Outlook.HostAdapter.v10.0.dll
2018-07-22 16:14:54 42240 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInSideAdapters\Microsoft.VisualStudio.Tools.Applications.AddInAdapter.v10.0.dll
2018-07-22 16:14:54 36096 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\HostSideAdapters\Microsoft.VisualStudio.Tools.Applications.HostAdapter.v10.0.dll
2018-07-22 16:14:54 36088 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\AddInViews\Microsoft.VisualStudio.Tools.Applications.Runtime.v10.0.dll
2018-07-22 16:14:54 25336 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Applications.Contract.v10.0.dll
2018-07-22 16:14:54 24816 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTA\Pipeline.v10.0\Contracts\Microsoft.VisualStudio.Tools.Office.Contract.v10.0.dll
2018-07-22 13:38:48 82592 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOInstaller.exe
2018-07-22 13:38:48 49832 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOMessageProvider.dll
2018-07-22 13:38:48 269976 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\VSTOLoader.dll
2018-07-22 13:38:48 19104 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOLoaderUI.dll
2018-07-22 13:38:48 117904 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\vstoee.dll
2018-07-22 13:38:48 10912 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\VSTO\10.0\1033\VSTOInstallerUI.dll
2018-07-19 06:11:32 -------- d-----w- C:\Users\squis\AppData\Local\Logitech
2018-07-19 06:09:51 18960 ----a-w- C:\WINDOWS\System32\drivers\LNonPnP.sys
2018-07-19 06:09:13 -------- d-----w- C:\Program Files\Logitech Gaming Software
2018-07-19 06:08:32 -------- d-----w- C:\Users\squis\AppData\Roaming\Logishrd
2018-07-18 02:02:40 -------- d-----w- C:\Users\squis\AppData\Local\MEGAsync
2018-07-14 19:49:47 -------- d-----w- C:\Users\squis\AppData\Roaming\mkxp
2018-07-14 19:49:47 -------- d-----w- C:\Users\squis\AppData\Roaming\dingaling
2018-07-08 07:06:30 48360 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2018-07-08 07:06:27 191208 ----a-w- C:\WINDOWS\System32\drivers\MbamChameleon.sys
2018-07-08 07:06:27 114920 ----a-w- C:\WINDOWS\System32\drivers\farflt.sys
.
==================== Find3M ====================
.
2018-07-31 22:02:53 253664 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-07-31 04:47:44 61992 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-07-31 04:47:44 46584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-07-31 04:47:44 340008 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-07-17 08:17:46 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-07-16 23:15:46 563832 ------w- C:\WINDOWS\System32\MpSigStub.exe
2018-07-06 14:20:55 792472 ----a-w- C:\WINDOWS\System32\generaltel.dll
2018-07-06 14:20:50 1610648 ----a-w- C:\WINDOWS\System32\appraiser.dll
2018-07-06 14:20:49 2868640 ----a-w- C:\WINDOWS\System32\aitstatic.exe
2018-07-06 14:20:45 689560 ----a-w- C:\WINDOWS\System32\aeinv.dll
2018-07-06 14:20:45 451992 ----a-w- C:\WINDOWS\System32\invagent.dll
2018-07-06 14:20:44 612248 ----a-w- C:\WINDOWS\System32\devinv.dll
2018-07-06 14:20:44 309664 ----a-w- C:\WINDOWS\System32\acmigration.dll
2018-07-06 14:20:43 70040 ----a-w- C:\WINDOWS\System32\win32appinventorycsp.dll
2018-07-06 14:20:43 144792 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2018-07-06 14:17:10 3932672 ----a-w- C:\WINDOWS\explorer.exe
2018-07-06 14:15:25 2266520 ----a-w- C:\WINDOWS\System32\AppVEntSubsystems64.dll
2018-07-06 14:14:29 541592 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-07-06 13:56:43 4708864 ----a-w- C:\WINDOWS\System32\twinui.pcshell.dll
2018-07-06 13:53:56 386048 ----a-w- C:\WINDOWS\System32\zipfldr.dll
2018-07-06 13:53:52 409088 ----a-w- C:\WINDOWS\System32\SettingsEnvironment.Desktop.dll
2018-07-06 13:53:16 340992 ----a-w- C:\WINDOWS\System32\AcGenral.dll
2018-07-06 13:53:00 672768 ----a-w- C:\WINDOWS\System32\gpprefcl.dll
2018-07-06 13:52:59 677376 ----a-w- C:\WINDOWS\System32\winlogon.exe
2018-07-06 13:52:15 1787392 ----a-w- C:\WINDOWS\System32\wsp_health.dll
2018-07-06 13:51:57 2051584 ----a-w- C:\WINDOWS\System32\wsp_fs.dll
2018-07-06 13:51:35 3652608 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-07-06 13:51:20 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-07-06 13:51:10 1004032 ----a-w- C:\WINDOWS\System32\clusapi.dll
2018-07-06 13:50:59 615424 ----a-w- C:\WINDOWS\System32\resutils.dll
2018-07-06 13:49:37 91136 ----a-w- C:\WINDOWS\System32\mcbuilder.exe
2018-07-06 12:12:31 1539000 ----a-w- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
2018-07-06 12:06:44 3611368 ----a-w- C:\WINDOWS\SysWow64\explorer.exe
2018-07-06 11:54:36 485376 ----a-w- C:\WINDOWS\SysWow64\resutils.dll
2018-07-06 11:53:54 565248 ----a-w- C:\WINDOWS\SysWow64\gpprefcl.dll
2018-07-06 11:53:40 775168 ----a-w- C:\WINDOWS\SysWow64\clusapi.dll
2018-07-06 11:53:11 347136 ----a-w- C:\WINDOWS\SysWow64\zipfldr.dll
2018-07-06 11:52:47 1308160 ----a-w- C:\WINDOWS\SysWow64\wsp_health.dll
2018-07-06 11:52:34 1452544 ----a-w- C:\WINDOWS\SysWow64\wsp_fs.dll
2018-07-06 11:52:25 2895360 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-07-06 11:51:26 2401280 ----a-w- C:\WINDOWS\SysWow64\AcGenral.dll
2018-07-06 11:51:10 80384 ----a-w- C:\WINDOWS\SysWow64\mcbuilder.exe
2018-07-06 11:26:02 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll
2018-07-06 11:25:19 23863296 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-07-06 11:01:54 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-07-06 07:32:09 480672 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-07-06 07:31:58 462752 ----a-w- C:\WINDOWS\System32\aepic.dll
2018-07-06 07:31:57 35232 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2018-07-06 07:29:56 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-07-06 07:29:55 269224 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-07-06 07:27:29 1174432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-07-06 07:27:27 567176 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-07-06 07:27:27 1063320 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-07-06 07:27:27 1012632 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-07-06 07:27:19 57440 ----a-w- C:\WINDOWS\System32\Windows.Internal.ShellCommon.Broker.dll
2018-07-06 07:27:15 134552 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-07-06 07:27:00 709824 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-07-06 07:26:26 2712992 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-07-06 07:26:19 930720 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2018-07-06 07:26:15 170912 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-07-06 07:26:01 1148800 ----a-w- C:\WINDOWS\System32\mfsvr.dll
2018-07-06 07:25:59 2420632 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2018-07-06 07:25:54 2571728 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2018-07-06 07:25:51 1945784 ----a-w- C:\WINDOWS\System32\ntdll.dll
2018-07-06 07:25:50 267680 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2018-07-06 07:25:48 335776 ----a-w- C:\WINDOWS\System32\moshostcore.dll
2018-07-06 07:25:47 885856 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2018-07-06 07:25:45 9147808 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-07-06 07:25:38 483048 ----a-w- C:\WINDOWS\System32\ucrtbase_enclave.dll
2018-07-06 07:25:38 1018616 ----a-w- C:\WINDOWS\System32\ucrtbase.dll
2018-07-06 07:25:37 139672 ----a-w- C:\WINDOWS\System32\drivers\ksecdd.sys
2018-07-06 07:25:33 1026464 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-07-06 07:24:39 380824 ----a-w- C:\WINDOWS\SysWow64\aepic.dll
2018-07-06 07:16:47 567144 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-07-06 07:14:28 1981896 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2018-07-06 07:14:19 829856 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2018-07-06 07:14:09 988640 ----a-w- C:\WINDOWS\SysWow64\mfsvr.dll
2018-07-06 07:14:09 1175568 ----a-w- C:\WINDOWS\SysWow64\ucrtbase.dll
2018-07-06 07:13:57 1620872 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2018-07-06 07:10:15 25845760 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-07-06 07:07:07 22006272 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-07-06 07:03:04 4371456 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-07-06 07:02:46 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2018-07-06 07:01:56 7057408 ----a-w- C:\WINDOWS\System32\mos.dll
2018-07-06 07:01:23 5883904 ----a-w- C:\WINDOWS\SysWow64\mos.dll
2018-07-06 07:01:13 14848 ----a-w- C:\WINDOWS\System32\MapsBtSvcProxy.dll
2018-07-06 07:01:01 104448 ----a-w- C:\WINDOWS\System32\NotificationControllerPS.dll
2018-07-06 07:00:53 94720 ----a-w- C:\WINDOWS\System32\MapsCSP.dll
2018-07-06 07:00:41 29696 ----a-w- C:\WINDOWS\System32\MapsTelemetry.dll
2018-07-06 07:00:32 92672 ----a-w- C:\WINDOWS\System32\MosHostClient.dll
2018-07-06 07:00:22 18944 ----a-w- C:\WINDOWS\System32\nativemap.dll
2018-07-06 07:00:04 151040 ----a-w- C:\WINDOWS\System32\MapsBtSvc.dll
2018-07-06 07:00:03 53248 ----a-w- C:\WINDOWS\System32\mapstoasttask.dll
2018-07-06 06:59:58 41984 ----a-w- C:\WINDOWS\System32\mapsupdatetask.dll
2018-07-06 06:59:57 86528 ----a-w- C:\WINDOWS\System32\MosStorage.dll
2018-07-06 06:59:46 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll
2018-07-06 06:59:39 453632 ----a-w- C:\WINDOWS\System32\cloudAP.dll
2018-07-06 06:59:35 48128 ----a-w- C:\WINDOWS\System32\tokenbinding.dll
2018-07-06 06:59:23 200192 ----a-w- C:\WINDOWS\System32\SettingsHandlers_Geolocation.dll
2018-07-06 06:59:22 334336 ----a-w- C:\WINDOWS\System32\NmaDirect.dll
.
============= FINISH: 19:18:10.73 ===============

Attached Files
File Type: txt attach.txt (18.7 KB)

Super slow boot, Outlook send/receive errors, over-heating, CPU maxing out?

My laptop is running so hard and so slow I get a "high temp" alert every so often. I assume more than one program running in the background and it's using all my CPU and overheating my computer. Please help. Thanks in advance... Hodie

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19081
Run by Hodie at 18:29:06 on 2018-08-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1370 [GMT -5:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\ptumlcmsvc64.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyServer = localhost:8080
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - <orphaned>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
dRunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://uhc.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{61A21C53-CE0F-4214-BA30-8A64E88F8D1B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{695076B3-72BF-4452-8C0C-61DD9CF93C7E} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\2375942554431383 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\2375942554638333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\4415C4F4447454 : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\44F65726C65645275656022697028496C647F6E6 : DHCPNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Hodie\AppData\Roaming\Mozilla\Firefox\Profiles\km5jf2y2.default-1473202271514\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Hodie\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswbidsh;aswbidsh;C:\Windows\System32\drivers\aswbidsha.sys [2017-2-3 201320]
R0 aswblog;aswblog;C:\Windows\System32\drivers\aswbloga.sys [2017-2-3 346664]
R0 aswbuniv;aswbuniv;C:\Windows\System32\drivers\aswbuniva.sys [2017-2-3 59568]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2014-2-3 85968]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2014-2-3 381552]
R1 aswArPot;aswArPot;C:\Windows\System32\drivers\aswArPot.sys [2017-10-27 199712]
R1 aswbidsdriver;aswbidsdriver;C:\Windows\System32\drivers\aswbidsdrivera.sys [2017-2-3 229392]
R1 aswHdsKe;aswHdsKe;C:\Windows\System32\drivers\aswHdsKe.sys [2017-11-24 249016]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-2-3 1027720]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-2-3 466720]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-4-27 83768]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-2-3 163272]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-2-3 214808]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-8-6 322464]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-2-7 8765104]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-20 13592]
R2 ptumlcmsvc;PTUML290 Connection Manager Service;C:\Windows\System32\ptumlcmsvc64.exe [2012-3-8 174592]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-20 2320920]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-8-6 7963320]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-3-23 31088]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-8 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-4-2 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-18 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-4 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-3 128608]
S3 aswHwid;aswHwid;C:\Windows\System32\drivers\aswHwid.sys [2014-5-6 46968]
S3 aswTap;avast! SecureLine TAP Adapter v3;C:\Windows\System32\drivers\aswTap.sys [2014-7-17 44640]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-2-20 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-1-18 89640]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-20 39976]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-8-6 116224]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PTUMLBUS;PTUML USB Composite Device Driver;C:\Windows\System32\drivers\PTUMLBUS.sys [2012-3-8 105600]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;C:\Windows\System32\drivers\PTUMLCVsp.sys [2012-3-8 183424]
S3 PTUMLMBMP;PANTECH UML290 Mobile Broadband;C:\Windows\System32\drivers\PTUMLMBMP.sys [2012-3-8 235776]
S3 PTUMLMdm;PANTECH UML290;C:\Windows\System32\drivers\PTUMLMdm.sys [2012-3-8 183424]
S3 PTUMLNET61;PANTECH UML290 WWAN (NDIS6.1);C:\Windows\System32\drivers\PTUMLNET61.sys [2012-3-8 111872]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;C:\Windows\System32\drivers\PTUMLNVsp.sys [2012-3-8 184448]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;C:\Windows\System32\drivers\PTUMLRMNET.sys [2012-3-8 63744]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;C:\Windows\System32\drivers\PTUMLVsp.sys [2012-3-8 183424]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-12-18 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-2-20 329832]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-12-18 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-27 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2018-08-06 16:43:04 2860032 ----a-w- C:\Windows\System32\aitstatic.exe
2018-08-06 16:43:04 1602048 ----a-w- C:\Windows\System32\appraiser.dll
2018-08-06 16:43:03 783872 ----a-w- C:\Windows\System32\generaltel.dll
2018-08-06 16:43:03 680960 ----a-w- C:\Windows\System32\aeinv.dll
2018-08-06 16:43:03 612352 ----a-w- C:\Windows\System32\devinv.dll
2018-08-06 16:43:03 470016 ----a-w- C:\Windows\System32\centel.dll
2018-08-06 16:43:03 443392 ----a-w- C:\Windows\System32\invagent.dll
2018-08-06 16:43:03 301056 ----a-w- C:\Windows\System32\acmigration.dll
2018-08-06 16:43:03 246272 ----a-w- C:\Windows\System32\aepic.dll
2018-08-06 16:43:03 140992 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2018-08-06 16:39:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2018-08-06 16:18:54 -------- d-----w- C:\Users\Hodie\AppData\Roaming\Roxio Log Files
.
==================== Find3M ====================
.
2018-08-06 15:39:36 214808 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2018-08-06 15:39:32 381552 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2018-08-06 15:39:30 85968 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2018-08-06 15:39:29 163272 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2018-08-06 15:39:28 46968 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2018-08-06 15:39:26 199712 ----a-w- C:\Windows\System32\drivers\aswArPot.sys
2018-08-06 15:39:22 111864 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2018-08-06 15:36:40 1027720 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2018-08-06 15:36:28 249016 ----a-w- C:\Windows\System32\drivers\aswHdsKe.sys
2018-08-06 15:36:22 59568 ----a-w- C:\Windows\System32\drivers\aswbuniva.sys
2018-08-06 15:36:22 346664 ----a-w- C:\Windows\System32\drivers\aswbloga.sys
2018-08-06 15:36:22 229392 ----a-w- C:\Windows\System32\drivers\aswbidsdrivera.sys
2018-08-06 15:36:22 201320 ----a-w- C:\Windows\System32\drivers\aswbidsha.sys
2018-06-28 19:25:07 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2018-06-16 16:46:18 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-06-16 16:46:05 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-06-16 16:32:15 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-06-16 16:31:31 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-06-16 16:31:25 576512 ----a-w- C:\Windows\System32\vbscript.dll
2018-06-16 16:31:24 417280 ----a-w- C:\Windows\System32\html.iec
2018-06-16 16:30:50 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-06-16 16:27:52 5779968 ----a-w- C:\Windows\System32\jscript9.dll
2018-06-16 16:19:49 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-06-16 16:19:48 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-06-16 16:19:28 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-06-16 16:19:14 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-06-16 16:12:00 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-06-16 16:06:25 498176 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-06-16 16:06:19 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-06-16 16:05:36 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-06-16 16:05:24 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-06-16 16:04:30 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-06-16 16:02:19 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-06-16 16:02:00 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-06-16 15:56:02 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-06-16 15:55:36 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-06-16 15:42:51 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-06-16 15:42:23 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-06-16 15:40:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-06-16 15:39:57 2135552 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-06-16 15:34:39 4496384 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-06-16 15:28:49 2060288 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-06-16 15:27:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-06-16 15:27:14 3241472 ----a-w- C:\Windows\System32\wininet.dll
2018-06-16 15:08:41 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-06-13 16:19:39 1867776 ----a-w- C:\Windows\System32\ExplorerFrame.dll
2018-06-13 15:54:52 1499648 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
2018-06-13 15:40:41 3226112 ----a-w- C:\Windows\System32\win32k.sys
2018-06-13 08:06:35 133315992 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2018-06-08 16:27:27 95424 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-06-08 16:27:27 708288 ----a-w- C:\Windows\System32\winload.efi
2018-06-08 16:27:27 5577408 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-06-08 16:27:27 154816 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-06-08 16:23:39 631640 ----a-w- C:\Windows\System32\winresume.efi
2018-06-08 16:22:54 1665344 ----a-w- C:\Windows\System32\ntdll.dll
2018-06-08 16:21:06 369664 ----a-w- C:\Windows\System32\zipfldr.dll
2018-06-08 16:21:04 361984 ----a-w- C:\Windows\System32\wow64win.dll
2018-06-08 16:21:04 243712 ----a-w- C:\Windows\System32\wow64.dll
2018-06-08 16:21:04 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2018-06-08 16:21:03 215552 ----a-w- C:\Windows\System32\winsrv.dll
2018-06-08 16:21:01 210432 ----a-w- C:\Windows\System32\wdigest.dll
2018-06-08 16:19:36 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2018-06-08 16:19:22 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2018-06-08 16:19:20 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2018-06-08 16:19:20 22016 ----a-w- C:\Windows\System32\credssp.dll
2018-06-08 16:19:17 8704 ----a-w- C:\Windows\System32\comcat.dll
2018-06-08 16:02:51 4050624 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-06-08 16:02:51 3962048 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-06-08 15:57:51 1314072 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-06-08 15:54:31 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2018-06-08 15:53:59 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2018-06-08 15:44:53 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2018-06-08 15:44:14 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-06-08 15:44:10 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-06-08 15:44:10 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-06-08 15:43:21 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-06-08 15:39:37 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-06-08 15:38:59 129024 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-06-08 15:38:30 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-06-08 15:34:44 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-06-08 15:34:22 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-06-08 15:34:19 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-06-08 15:33:10 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-06-08 15:33:05 112640 ----a-w- C:\Windows\System32\smss.exe
2018-06-08 15:29:59 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2018-06-08 15:28:20 30720 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2018-06-08 15:27:08 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-06-08 15:21:32 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-06-08 15:21:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-06-08 15:21:30 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-06-08 15:21:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-06-08 15:19:55 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-06-08 15:19:40 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-06-08 15:19:40 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-08 15:19:40 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-08 15:19:40 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-06-07 16:20:20 22528 ----a-w- C:\Windows\System32\wfapigp.dll
2018-06-07 16:19:48 828928 ----a-w- C:\Windows\System32\MPSSVC.dll
2018-06-07 16:19:29 108544 ----a-w- C:\Windows\System32\icfupgd.dll
2018-06-07 16:19:21 749568 ----a-w- C:\Windows\System32\FirewallAPI.dll
.
============= FINISH: 18:29:44.88 ===============

Attached Files
File Type: txt attach.txt (11.3 KB)

[SOLVED] How to subscribe to own thread (can't see it?)

Is there a waiting period before my thread appears? I posted this morning and can't see it...
Removed