2nd: Super slow boot, Outlook send/receive errors, over-heating, CPU maxing out?

August 8, 2018, 9:21 am

≫ Next: PC adware and ibuddy antivirus adds popping up

≪ Previous: [SOLVED] How to subscribe to own thread (can't see it?)

HP Pavilion g7, Win XP, Super slow boot and operation, CPU max and overheating, Outlook receive errors and generally slow.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19081
Run by Hodie at 18:29:06 on 2018-08-07
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1370 [GMT -5:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\ptumlcmsvc64.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\System32\WUDFHost.exe
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyServer = localhost:8080
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - <orphaned>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
dRunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://uhc.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{61A21C53-CE0F-4214-BA30-8A64E88F8D1B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{695076B3-72BF-4452-8C0C-61DD9CF93C7E} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\2375942554431383 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\2375942554638333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\4415C4F4447454 : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\44F65726C65645275656022697028496C647F6E6 : DHCPNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Hodie\AppData\Roaming\Mozilla\Firefox\Profiles\km5jf2y2.default-1473202271514\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Hodie\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswbidsh;aswbidsh;C:\Windows\System32\drivers\aswbidsha.sys [2017-2-3 201320]
R0 aswblog;aswblog;C:\Windows\System32\drivers\aswbloga.sys [2017-2-3 346664]
R0 aswbuniv;aswbuniv;C:\Windows\System32\drivers\aswbuniva.sys [2017-2-3 59568]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2014-2-3 85968]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2014-2-3 381552]
R1 aswArPot;aswArPot;C:\Windows\System32\drivers\aswArPot.sys [2017-10-27 199712]
R1 aswbidsdriver;aswbidsdriver;C:\Windows\System32\drivers\aswbidsdrivera.sys [2017-2-3 229392]
R1 aswHdsKe;aswHdsKe;C:\Windows\System32\drivers\aswHdsKe.sys [2017-11-24 249016]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-2-3 1027720]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-2-3 466720]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-4-27 83768]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-2-3 163272]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-2-3 214808]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-8-6 322464]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-2-7 8765104]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-20 13592]
R2 ptumlcmsvc;PTUML290 Connection Manager Service;C:\Windows\System32\ptumlcmsvc64.exe [2012-3-8 174592]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-20 2320920]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-8-6 7963320]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-3-23 31088]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-8 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-4-2 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-18 565352]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-10-4 107624]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-10-3 128608]
S3 aswHwid;aswHwid;C:\Windows\System32\drivers\aswHwid.sys [2014-5-6 46968]
S3 aswTap;avast! SecureLine TAP Adapter v3;C:\Windows\System32\drivers\aswTap.sys [2014-7-17 44640]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-2-20 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-1-18 89640]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-20 39976]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-8-6 116224]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PTUMLBUS;PTUML USB Composite Device Driver;C:\Windows\System32\drivers\PTUMLBUS.sys [2012-3-8 105600]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;C:\Windows\System32\drivers\PTUMLCVsp.sys [2012-3-8 183424]
S3 PTUMLMBMP;PANTECH UML290 Mobile Broadband;C:\Windows\System32\drivers\PTUMLMBMP.sys [2012-3-8 235776]
S3 PTUMLMdm;PANTECH UML290;C:\Windows\System32\drivers\PTUMLMdm.sys [2012-3-8 183424]
S3 PTUMLNET61;PANTECH UML290 WWAN (NDIS6.1);C:\Windows\System32\drivers\PTUMLNET61.sys [2012-3-8 111872]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;C:\Windows\System32\drivers\PTUMLNVsp.sys [2012-3-8 184448]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;C:\Windows\System32\drivers\PTUMLRMNET.sys [2012-3-8 63744]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;C:\Windows\System32\drivers\PTUMLVsp.sys [2012-3-8 183424]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-12-18 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-2-20 329832]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-12-18 56832]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-27 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== Created Last 30 ================
.
2018-08-06 16:43:04 2860032 ----a-w- C:\Windows\System32\aitstatic.exe
2018-08-06 16:43:04 1602048 ----a-w- C:\Windows\System32\appraiser.dll
2018-08-06 16:43:03 783872 ----a-w- C:\Windows\System32\generaltel.dll
2018-08-06 16:43:03 680960 ----a-w- C:\Windows\System32\aeinv.dll
2018-08-06 16:43:03 612352 ----a-w- C:\Windows\System32\devinv.dll
2018-08-06 16:43:03 470016 ----a-w- C:\Windows\System32\centel.dll
2018-08-06 16:43:03 443392 ----a-w- C:\Windows\System32\invagent.dll
2018-08-06 16:43:03 301056 ----a-w- C:\Windows\System32\acmigration.dll
2018-08-06 16:43:03 246272 ----a-w- C:\Windows\System32\aepic.dll
2018-08-06 16:43:03 140992 ----a-w- C:\Windows\System32\CompatTelRunner.exe
2018-08-06 16:39:59 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2018-08-06 16:18:54 -------- d-----w- C:\Users\Hodie\AppData\Roaming\Roxio Log Files
.
==================== Find3M ====================
.
2018-08-06 15:39:36 214808 ----a-w- C:\Windows\System32\drivers\aswStm.sys
2018-08-06 15:39:32 381552 ----a-w- C:\Windows\System32\drivers\aswVmm.sys
2018-08-06 15:39:30 85968 ----a-w- C:\Windows\System32\drivers\aswRvrt.sys
2018-08-06 15:39:29 163272 ----a-w- C:\Windows\System32\drivers\aswMonFlt.sys
2018-08-06 15:39:28 46968 ----a-w- C:\Windows\System32\drivers\aswHwid.sys
2018-08-06 15:39:26 199712 ----a-w- C:\Windows\System32\drivers\aswArPot.sys
2018-08-06 15:39:22 111864 ----a-w- C:\Windows\System32\drivers\aswRdr2.sys
2018-08-06 15:36:40 1027720 ----a-w- C:\Windows\System32\drivers\aswSnx.sys
2018-08-06 15:36:28 249016 ----a-w- C:\Windows\System32\drivers\aswHdsKe.sys
2018-08-06 15:36:22 59568 ----a-w- C:\Windows\System32\drivers\aswbuniva.sys
2018-08-06 15:36:22 346664 ----a-w- C:\Windows\System32\drivers\aswbloga.sys
2018-08-06 15:36:22 229392 ----a-w- C:\Windows\System32\drivers\aswbidsdrivera.sys
2018-08-06 15:36:22 201320 ----a-w- C:\Windows\System32\drivers\aswbidsha.sys
2018-06-28 19:25:07 2560 ----a-w- C:\Windows\apppatch\AcRes.dll
2018-06-16 16:46:18 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-06-16 16:46:05 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-06-16 16:32:15 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-06-16 16:31:31 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-06-16 16:31:25 576512 ----a-w- C:\Windows\System32\vbscript.dll
2018-06-16 16:31:24 417280 ----a-w- C:\Windows\System32\html.iec
2018-06-16 16:30:50 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-06-16 16:27:52 5779968 ----a-w- C:\Windows\System32\jscript9.dll
2018-06-16 16:19:49 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-06-16 16:19:48 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-06-16 16:19:28 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-06-16 16:19:14 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-06-16 16:12:00 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-06-16 16:06:25 498176 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-06-16 16:06:19 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-06-16 16:05:36 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-06-16 16:05:24 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-06-16 16:04:30 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-06-16 16:02:19 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-06-16 16:02:00 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-06-16 15:56:02 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-06-16 15:55:36 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-06-16 15:42:51 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-06-16 15:42:23 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-06-16 15:40:10 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-06-16 15:39:57 2135552 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-06-16 15:34:39 4496384 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-06-16 15:28:49 2060288 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-06-16 15:27:57 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-06-16 15:27:14 3241472 ----a-w- C:\Windows\System32\wininet.dll
2018-06-16 15:08:41 2767872 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-06-13 16:19:39 1867776 ----a-w- C:\Windows\System32\ExplorerFrame.dll
2018-06-13 15:54:52 1499648 ----a-w- C:\Windows\SysWow64\ExplorerFrame.dll
2018-06-13 15:40:41 3226112 ----a-w- C:\Windows\System32\win32k.sys
2018-06-13 08:06:35 133315992 -c--a-w- C:\Windows\System32\MRT-KB890830.exe
2018-06-08 16:27:27 95424 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-06-08 16:27:27 708288 ----a-w- C:\Windows\System32\winload.efi
2018-06-08 16:27:27 5577408 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-06-08 16:27:27 154816 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-06-08 16:23:39 631640 ----a-w- C:\Windows\System32\winresume.efi
2018-06-08 16:22:54 1665344 ----a-w- C:\Windows\System32\ntdll.dll
2018-06-08 16:21:06 369664 ----a-w- C:\Windows\System32\zipfldr.dll
2018-06-08 16:21:04 361984 ----a-w- C:\Windows\System32\wow64win.dll
2018-06-08 16:21:04 243712 ----a-w- C:\Windows\System32\wow64.dll
2018-06-08 16:21:04 13312 ----a-w- C:\Windows\System32\wow64cpu.dll
2018-06-08 16:21:03 215552 ----a-w- C:\Windows\System32\winsrv.dll
2018-06-08 16:21:01 210432 ----a-w- C:\Windows\System32\wdigest.dll
2018-06-08 16:19:36 182272 ----a-w- C:\Windows\System32\dnsrslvr.dll
2018-06-08 16:19:22 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2018-06-08 16:19:20 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2018-06-08 16:19:20 22016 ----a-w- C:\Windows\System32\credssp.dll
2018-06-08 16:19:17 8704 ----a-w- C:\Windows\System32\comcat.dll
2018-06-08 16:02:51 4050624 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-06-08 16:02:51 3962048 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-06-08 15:57:51 1314072 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-06-08 15:54:31 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2018-06-08 15:53:59 44032 ----a-w- C:\Windows\apppatch\acwow64.dll
2018-06-08 15:44:53 30208 ----a-w- C:\Windows\System32\dnscacheugc.exe
2018-06-08 15:44:14 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-06-08 15:44:10 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-06-08 15:44:10 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-06-08 15:43:21 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-06-08 15:39:37 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-06-08 15:38:59 129024 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-06-08 15:38:30 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-06-08 15:34:44 159744 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-06-08 15:34:22 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-06-08 15:34:19 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-06-08 15:33:10 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-06-08 15:33:05 112640 ----a-w- C:\Windows\System32\smss.exe
2018-06-08 15:29:59 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2018-06-08 15:28:20 30720 ----a-w- C:\Windows\SysWow64\dnscacheugc.exe
2018-06-08 15:27:08 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-06-08 15:21:32 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-06-08 15:21:30 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-06-08 15:21:30 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-06-08 15:21:29 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-06-08 15:19:55 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-06-08 15:19:40 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-06-08 15:19:40 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-06-08 15:19:40 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-06-08 15:19:40 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-06-07 16:20:20 22528 ----a-w- C:\Windows\System32\wfapigp.dll
2018-06-07 16:19:48 828928 ----a-w- C:\Windows\System32\MPSSVC.dll
2018-06-07 16:19:29 108544 ----a-w- C:\Windows\System32\icfupgd.dll
2018-06-07 16:19:21 749568 ----a-w- C:\Windows\System32\FirewallAPI.dll
.
============= FINISH: 18:29:44.88 ===============

Attached Files

attach.txt (11.3 KB)

↧

PC adware and ibuddy antivirus adds popping up

August 14, 2018, 11:01 am

≫ Next: Redirect from another forumsection, internetproblems

≪ Previous: 2nd: Super slow boot, Outlook send/receive errors, over-heating, CPU maxing out?

Ibuddy and adware popping up using edge and explorer. Only way to close them is using task manager. Something called "clickadservinganalytics" keeps popping up. Here is the DDS.txt results:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.16299.98 BrowserJavaVersion: 11.77.2
Run by emmaudrey at 12:42:09 on 2018-08-14
Microsoft Windows 10 Home 10.0.16299.0.1252.1.1033.18.5580.2539 [GMT -5:00]
.
AV: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan *Enabled/Updated* {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Enabled/Updated* {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall *Enabled* {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s DsmSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\atieclxx.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Program Files\Tablet\Pen\WTabletServiceCon.exe
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files (x86)\Coupons\CouponPrinterService.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\program files\common files\mcafee\modulecore\modulecoreservice.exe
C:\Program Files (x86)\Common Files\TauDeimosOMK\TauDeimosOMK.exe
C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\system32\mfevtps.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE
C:\WINDOWS\system32\mfevtps.exe
c:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\VSCore_15_8\McApExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\sihost.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\Explorer.EXE
C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
C:\Program Files\Tablet\Pen\WacomHost.exe
C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
C:\Program Files\Tablet\Pen\Pen_Tablet.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\program files\common files\mcafee\modulecore\ModuleCoreService.exe
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Bamboo Dock\Bamboo Dock\Bamboo Dock.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe
c:\PROGRA~1\mcafee\vul\mcvulctr.exe
c:\PROGRA~1\mcafee\vul\MCVULA~1.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
C:\ProgramData\Microsoft\Windows\MKeeperStat\mkeeper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
uSearch Bar = Preserve
mStart Page = about:blank
uProxyServer = hxxp=127.0.0.1:47574
uProxyOverride = <-loopback>
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\ssv.dll
BHO: McAfee WebAdvisor: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_77\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [CLMLServer_For_P2G8] "c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe"
mRun: [CLVirtualDrive] "c:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R
mRun: [BATINDICATOR] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR.exe
mRun: [BATINDICATORHL] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\BATINDICATOR_HIDList.exe
mRun: [OSDTool] C:\Program Files (x86)\Hewlett-Packard\HP Keyboard\CNYHKEY.exe
mRun: [BambooCore] C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\EMMAUD~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SKETCH~1.LNK - C:\Program Files (x86)\Autodesk\SketchBook Pro 6\SketchBookSnapshot.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{bbfa2a1b-4da9-4f40-9d7b-ad6b1ce6a1a1} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: McAfee WebAdvisor: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist Corporate\1121\G2AWinLogon_x64.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2018-5-15 953248]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2018-5-15 252832]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2014-3-15 55856]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-9-29 240640]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-1-19 59800]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2012-9-12 92536]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-9-29 8192]
R2 AdobeActiveFileMonitor10.0;Adobe Active File Monitor V10;C:\Program Files (x86)\Adobe\Elements 10 Organizer\PhotoshopElementsFileAgent.exe [2011-9-1 169624]
R2 AERTFilters;Andrea RT Filters Service;C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [2009-11-17 98208]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-8-1 264224]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R2 CDPUserSvc_62531;Connected Devices Platform User Service_62531;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-9-29 384000]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2016-1-14 8566448]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]
R2 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-2-13 176624]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-7-4 333688]
R2 HPTouchpointAnalyticsService;HP Touchpoint Analytics;C:\Program Files\HP\HP Touchpoint Analytics Client\TouchpointAnalyticsClientService.exe [2017-11-19 332216]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2012-9-12 2451456]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [2018-7-19 604824]
R2 McAPExe;McAfee AP Service;C:\Program Files\Common Files\McAfee\VSCore_15_8\mcapexe.exe [2018-6-6 728808]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe [2018-4-6 2141912]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2018-6-6 512976]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2018-6-6 473040]
R2 mkeeper;mkeeper;C:\ProgramData\Microsoft\Windows\MKeeperStat\mkeeper.exe -service --> C:\ProgramData\Microsoft\Windows\MKeeperStat\mkeeper.exe -service [?]
R2 ModuleCoreService;McAfee Module Core Service;C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [2018-6-6 1676024]
R2 OneSyncSvc_62531;Sync Host_62531;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 PEFService;McAfee PEF Service;C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [2018-6-6 1047448]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-1-19 519152]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-9-29 79872]
R2 TauDeimosOMK;TauDeimosOMK;C:\Program Files (x86)\Common Files\TauDeimosOMK\TauDeimosOMK.exe -service --> C:\Program Files (x86)\Common Files\TauDeimosOMK\TauDeimosOMK.exe -service [?]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-1-19 147864]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 WpnUserService_62531;Windows Push Notifications User Service_62531;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 WTabletServiceCon;Wacom Consumer Service;C:\Program Files\Tablet\Pen\WTabletServiceCon.exe [2013-8-1 619904]
R3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2018-5-15 77224]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 hidkmdf;KMDF Driver;C:\WINDOWS\System32\drivers\hidkmdf.sys [2013-8-1 13728]
R3 hpqcaslwmiex;HP CASL Framework Service;C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-6-3 1031704]
R3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 mfeaack;McAfee Inc. mfeaack;C:\WINDOWS\System32\drivers\mfeaack.sys [2018-5-15 497568]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2018-5-15 360352]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2018-5-15 529312]
R3 mfencbdc;McAfee LLC. mfencbdc;C:\WINDOWS\System32\drivers\mfencbdc.sys [2018-4-30 543624]
R3 mfeplk;McAfee Inc. mfeplk;C:\WINDOWS\System32\drivers\mfeplk.sys [2018-5-15 115616]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2018-7-19 111608]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]
R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\WINDOWS\System32\drivers\netr28x.sys [2017-9-29 2537984]
R3 PimIndexMaintenanceSvc_62531;Contact Data_62531;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\WINDOWS\System32\drivers\RtsPStor.sys [2015-6-3 374016]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2016-2-17 895224]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 UnistoreSvc_62531;User Data Storage_62531;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 UserDataSvc_62531;User Data Access_62531;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]
R3 WacHidRouter;Wacom Hid Router;C:\WINDOWS\System32\drivers\wachidrouter.sys [2013-8-1 81824]
R3 wacomrouterfilter;Wacom Router Filter Driver;C:\WINDOWS\System32\drivers\wacomrouterfilter.sys [2013-8-1 15776]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2017-9-29 25088]
R3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2018-5-15 83952]
S2 0053421532017721mcinstcleanup;McAfee Application Installer Cleanup (0053421532017721);C:\WINDOWS\TEMP\005342~1.EXE -cleanup -nolog --> C:\WINDOWS\TEMP\005342~1.EXE -cleanup -nolog [?]
S2 Garmin Device Interaction Service;Garmin Device Interaction Service;C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [2017-3-28 1099280]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 RelevantKnowledge;RelevantKnowledge;C:\Program Files (x86)\RelevantKnowledge\rlservice.exe [2018-8-12 208288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]
S3 ClientAnalyticsService;ClientAnalyticsService;C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [2018-6-6 1508656]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 DevicesFlowUserSvc_62531;DevicesFlow_62531;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2017-9-29 48688]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-9-29 48688]
S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-9-29 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-9-29 50584]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2018-6-6 226984]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2017-9-29 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-9-29 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-9-29 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-9-29 674200]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-9-29 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-9-29 39424]
S3 invdimm;Microsoft iNVDIMM device driver;C:\WINDOWS\System32\drivers\invdimm.sys [2017-9-29 38912]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2017-9-29 26112]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-9-29 123800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-9-29 103320]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-9-29 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-9-29 55840]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-9-29 63520]
S3 MessagingService_62531;MessagingService_62531;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2018-6-6 359888]
S3 mfencrk;McAfee LLC. mfencrk;C:\WINDOWS\System32\drivers\mfencrk.sys [2018-4-30 108432]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-9-29 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-9-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-9-29 132608]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-1-19 192512]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-9-29 88576]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2014-10-3 2007048]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-9-29 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-9-29 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2017-9-29 16896]
S3 PrintWorkflowUserSvc_62531;PrintWorkflow_62531;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2017-9-29 48688]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2017-9-29 39832]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-9-29 1849752]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-9-29 936856]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-9-29 48688]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2017-9-29 103936]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-9-29 118168]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-9-29 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-9-29 1288704]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-9-29 154520]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-9-29 48688]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-1-19 956416]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-9-29 103320]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-1-19 45464]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-9-29 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-1-19 114688]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-9-29 146944]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-1-19 57344]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-9-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-9-29 266648]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-9-29 97312]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-9-29 140696]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-9-29 28568]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-1-19 60824]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-9-29 27544]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-9-29 34816]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-9-29 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vnvdimm;Microsoft virtual NVDIMM device driver;C:\WINDOWS\System32\drivers\vnvdimm.sys [2017-9-29 43008]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2017-9-29 48688]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-9-29 76288]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-1-19 770048]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-9-29 119192]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-9-29 355304]
S3 wdnsfltr;Windows Defender Network Stream Filter Driver;C:\WINDOWS\System32\drivers\wdnsfltr.sys [2017-9-29 33792]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-9-29 48688]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-9-29 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-9-29 225280]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-9-29 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2017-9-29 59512]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-9-29 281600]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-9-29 46592]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-08-12 23:20:44 0 ----a-w- C:\WINDOWS\System32\OCL1C99.tmp
2018-08-12 23:20:43 0 ----a-w- C:\WINDOWS\System32\OCL1A27.tmp
2018-08-12 22:51:53 -------- d-----w- C:\Users\emmaudrey\AppData\Local\chromium
2018-08-12 22:30:23 -------- d-----w- C:\Program Files (x86)\PCAPro
2018-08-12 22:28:13 0 ----a-w- C:\WINDOWS\System32\OCL6EF9.tmp
2018-08-12 22:28:11 0 ----a-w- C:\WINDOWS\System32\OCL6728.tmp
2018-08-12 22:27:42 -------- d-----w- C:\Users\emmaudrey\AppData\Roaming\PCAPInstallFiles
2018-08-12 22:26:21 -------- d-----w- C:\Program Files (x86)\IBuddy
2018-08-12 22:23:53 752544 ----a-w- C:\WINDOWS\SysWow64\rlls.dll
2018-08-12 22:23:53 1116576 ----a-w- C:\WINDOWS\System32\rlls64.dll
2018-08-12 22:23:50 -------- d-----w- C:\Program Files (x86)\RelevantKnowledge
2018-08-12 22:17:43 -------- d-----w- C:\Users\emmaudrey\AppData\Local\{14A922F5-3001-4E4D-5D99-6BA579F1973D}
2018-08-12 22:16:48 -------- d-----w- C:\Users\emmaudrey\AppData\Roaming\KnctrDownloader
2018-08-12 22:16:38 -------- d-----w- C:\Program Files (x86)\WebDiscoverBrowser
2018-08-12 22:13:41 -------- d-----w- C:\Users\emmaudrey\AppData\Local\PrimeQuintaUpdateSoftware
2018-08-12 22:11:10 -------- d-----w- C:\Program Files (x86)\Common Files\TauDeimosOMK
2018-08-12 22:08:16 -------- d-----w- C:\Program Files (x86)\BedaubedOkapiBedaubedOkapi
2018-08-07 13:48:36 494912 ----a-w- C:\ProgramData\Microsoft\Windows\MKeeperStat\mkeeper.exe
2018-07-20 17:02:59 982720 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.10228.20104\ucrtbase.dll
2018-07-16 14:54:19 982720 ----a-w- C:\Program Files\Common Files\Microsoft Shared\ClickToRun\Updates\16.0.10228.20080\ucrtbase.dll
.
==================== Find3M ====================
.
2018-08-14 01:08:11 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
.
============= FINISH: 12:44:05.46 ===============

Attached Files

attach.txt (9.9 KB)

↧

Redirect from another forumsection, internetproblems

August 25, 2018, 9:31 am

≫ Next: Laptop freezing

≪ Previous: PC adware and ibuddy antivirus adds popping up

Hi there, I posted on this forum previously in another section.
hxxps://www.techsupportforum.com/forums/f338/loss-of-internet-connection-connection-up-and-down-switches-in-minutes-1230892-2.html#post7701430

They redirected me here, so let's give this a go:

According to the instructions post:
DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by Kjeld at 18:19:53 on 2018-08-25
Microsoft Windows 10 Home 10.0.17134.0.1252.44.2057.18.16269.12749 [GMT 1:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8717da422c5bde7c\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8717da422c5bde7c\igfxEM.exe
c:\windows\system32\svchost.exe -k netsvcs -s CertPropSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\ibtsiva.exe
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8717da422c5bde7c\IntelCpHDCPSvc.exe
svchost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8717da422c5bde7c\IntelCpHeciSvc.exe
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Users\Kjeld\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Users\Kjeld\AppData\Local\Discord\app-0.0.301\Discord.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\Users\Kjeld\AppData\Local\Discord\app-0.0.301\Discord.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\Users\Kjeld\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18061.17410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
c:\windows\system32\svchost.exe -k localservice -s W32Time
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
D:\Steam\Steam.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s XblAuthManager
svchost.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\WINDOWS\system32\msiexec.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uRun: [OneDrive] "C:\Users\Kjeld\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "D:\Steam\steam.exe" -silent
uRun: [Discord] C:\Users\Kjeld\AppData\Local\Discord\app-0.0.301\Discord.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\$MCREB~1.LNK -
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
TCP: NameServer = 212.115.192.193 212.115.192.100 62.238.255.69
TCP: Interfaces\{abd77a4b-61b6-4cda-94fe-d9718aeb0072} : DHCPNameServer = 212.115.192.193 212.115.192.100 62.238.255.69
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s
x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;Intel(R) Chipset SATA/PCIe RST Premium Controller;C:\WINDOWS\System32\drivers\iaStorA.sys [2017-12-12 906240]
R0 intelpep;Stuurprogramma voor Intel(R) Power Engine-invoegtoepassing ;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-12 177192]
R0 iorate;Filterstuurprogramma voor schijf-I/O-snelheid;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-12 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-12 63896]
R0 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-7-26 105368]
R0 volume;Volumestuurprogramma;C:\WINDOWS\System32\drivers\volume.sys [2018-4-12 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-26 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-12 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-12 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-12 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-12 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-12 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-12 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-12 8192]
R1 MpKsl38dc9e44;MpKsl38dc9e44;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{175455F4-738E-42AD-AD38-7AB349D7A1FE}\MpKsl38dc9e44.sys [2018-8-25 58120]
R2 CDPSvc;Service Platform voor verbonden apparaten;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
R2 CDPUserSvc_2b9fa;CDPUserSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-7-26 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-12 51288]
R2 cplspcon;Intel(R) Content Protection HDCP Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8717da422c5bde7c\IntelCpHDCPSvc.exe [2017-11-17 572968]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-12 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-12 51288]
R2 DusmSvc;Dataverbruik;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2017-11-27 17992]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_8717da422c5bde7c\igfxCUIService.exe [2017-11-17 398376]
R2 LGCoreTemp;Logitech CPU Core Tempurature;C:\Program Files\Logitech Gaming Software\Drivers\LgCoreTemp\LgCoreTemp.sys [2015-6-21 14184]
R2 LogiRegistryService;Logitech Gaming Registry Service;C:\Program Files\Logitech Gaming Software\Drivers\APOService\LogiRegistryService.exe [2018-5-7 206472]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-11-21 462920]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-11-27 450168]
R2 OneSyncSvc_2b9fa;OneSyncSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R2 osrss;Windows 10 Update Facilitation Service;C:\WINDOWS\System32\svchost.exe -k osrss [2018-4-12 51288]
R2 SecurityHealthService;Service Windows Defender-beveiligingscentrum;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-26 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-12 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-12 82432]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-12 151960]
R2 WpnService;Systeemservice voor Windows Push Notifications;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R2 WpnUserService_2b9fa;WpnUserService_2b9fa;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R3 AmUStor;AM USB Stroage Driver;C:\WINDOWS\System32\drivers\AmUStor.sys [2017-11-17 98984]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-12 51288]
R3 BcastDVRUserService_2b9fa;BcastDVRUserService_2b9fa;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-12 51288]
R3 BthAvctpSvc;AVCTP-service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-12 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
R3 iaLPSS2i_GPIO2;Stuurprogramma v2 voor Intel(R) Serial IO GPIO;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-12 79360]
R3 iaLPSS2i_I2C;Intel(R) Serial IO I2C-stuurprogramma v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-12 171520]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2017-11-17 246280]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-11-17 831520]
R3 ladfGSS;Logitech USB Surround Filter Driver (LGS);C:\WINDOWS\System32\drivers\ladfGSS.sys [2018-5-7 45168]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R3 LGBusEnum;Logitech Gaming Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\LGBusEnum.sys [2018-5-7 36496]
R3 LGJoyXlCore;Logitech Translation Layer Driver (LGS);C:\WINDOWS\System32\drivers\LGJoyXlCore.sys [2018-5-7 67736]
R3 LicenseManager;Service voor Windows-licentiebeheer ;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-12 20992]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit;C:\WINDOWS\System32\drivers\Netwtw04.sys [2018-6-30 8709656]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2017-11-27 48248]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2017-11-27 57976]
R3 PimIndexMaintenanceSvc_2b9fa;PimIndexMaintenanceSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-7-10 1138000]
R3 SEMgrSvc;Betalingen en NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-12 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
R3 TokenBroker;Webaccountbeheer;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
R3 UEFI;Microsoft UEFI-stuurprogramma;C:\WINDOWS\System32\drivers\uefi.sys [2018-7-26 29600]
R3 UnistoreSvc_2b9fa;UnistoreSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R3 UserDataSvc_2b9fa;UserDataSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
R3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-12 82944]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-7-26 781824]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-7-31 61992]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [2018-7-31 3905952]
R3 XblAuthManager;Xbox Live-verificatiebeheer;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S2 0013061535217446mcinstcleanup;McAfee Application Installer Cleanup (0013061535217446);C:\Users\Kjeld\AppData\Local\Temp\001306~1.EXE -cleanup -nolog --> C:\Users\Kjeld\AppData\Local\Temp\001306~1.EXE -cleanup -nolog [?]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-12 51288]
S3 AcpiDev;Stuurprogramma voor ACPI-apparaten;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-12 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-12 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2017-11-17 49448]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-12 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-12 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-12 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-12 92056]
S3 BluetoothUserService_2b9fa;BluetoothUserService_2b9fa;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-12 51288]
S3 BTAGService;Bluetooth Audio Gateway-service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-12 51288]
S3 BthA2DP;Bluetooth-stereo;C:\WINDOWS\System32\drivers\BthA2DP.sys [2018-4-12 198144]
S3 BthHFAud;Bluetooth handsfree;C:\WINDOWS\System32\drivers\BthHfAud.sys [2018-4-12 48640]
S3 BthLEEnum;Bluetooth Low Energy-stuurprogramma;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-12 86528]
S3 bttflt;VHDPMEM BTT-filter voor Microsoft Hyper-V;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-12 38304]
S3 buttonconverter;Service voor Portable Device Control-apparaten;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-12 39936]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-12 60320]
S3 CapImg;HID-stuurprogramma voor CapImg-touchscreen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-12 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-12 321432]
S3 cht4vbd;Chelsio virtuele-busstuurprogramma;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-12 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-12 51288]
S3 DevicePickerUserSvc_2b9fa;DevicePickerUserSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-12 51288]
S3 DevicesFlowUserSvc_2b9fa;DevicesFlowUserSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-12 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 diagnosticshub.standardcollector.service;Microsoft(R) Diagnostics Hub Standard Collector-service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-19 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-12 51288]
S3 DmEnrollmentSvc;Registratieservice voor Apparaatbeheer;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 embeddedmode;Ingesloten modus;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-12 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-12 51288]
S3 genericusbfn;Algemene USB-functieklasse;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-12 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-12 51288]
S3 hidinterrupt;Algemeen stuurprogramma voor HID-knoppen waarvoor interrupts zijn geïmplementeerd;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-12 50592]
S3 HvHost;HV-hostservice;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-12 27136]
S3 iagpio;Stuurprogramma van Intel Serial IO GPIO-controller;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-12 36864]
S3 iai2c;Intel(R) Serial IO I2C-hostcontroller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-12 91648]
S3 iaLPSS2i_GPIO2_BXT_P;Stuurprogramma v2 voor Intel(R) Serial IO GPIO;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-12 88576]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C-stuurprogramma v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-12 174592]
S3 iaLPSSi_GPIO;Stuurprogramma van Intel(R) Serial IO GPIO-controller;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-12 38128]
S3 iaLPSSi_I2C;Stuurprogramma voor Intel(R) Serial IO I2C-controller;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-12 113152]
S3 iaStorAfs;iaStorAfs;C:\WINDOWS\System32\drivers\iaStorAfs.sys [2017-12-12 69632]
S3 iaStorAfsService;Intel(R) Optane(TM) Memory Service;C:\Windows\IAStorAfsService\iaStorAfsService.exe [2017-12-12 2410672]
S3 iaStorAVC;Intel Chipset SATA RAID-controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-12 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (filterstuurprogramma);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-12 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
S3 IndirectKmd;Indirecte weergave kernelmodusstuurprogramma;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-12 38912]
S3 InstallService;Microsoft Store-installatieservice;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-12 32256]
S3 IpxlatCfgSvc;Configuratieservice voor IP-vertaling;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-12 145816]
S3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\WINDOWS\System32\drivers\LGVirHid.sys [2018-5-7 26008]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-12 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-12 128408]
S3 LxpSvc;Service Language Experience;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-12 51288]
S3 mausbhost;Stuurprogramma voor MA-USB-hostcontroller;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-12 505240]
S3 mausbip;Stuurprogramma voor IP-filter voor MA-USB;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-12 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-12 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-12 82328]
S3 MessagingService_2b9fa;MessagingService_2b9fa;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-12 51288]
S3 Microsoft_Bluetooth_AvrcpTransport;Microsoft Bluetooth AVRCP-transportstuurprogramma;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-4-12 46592]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-12 842648]
S3 NaturalAuthentication;Natuurlijke authenticatie;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 ndfltr;NetworkDirect-service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-12 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-12 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-12 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-27 513144]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-27 513144]
S3 nvdimm;Microsoft NVDIMM-apparaatstuurprogramma;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-12 104448]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-11-27 30328]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-12 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-12 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
S3 PNPMEM;Stuurprogramma van Microsoft voor geheugenmodule;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-12 16896]
S3 PrintWorkflowUserSvc_2b9fa;PrintWorkflowUserSvc_2b9fa;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-12 51288]
S3 PushToInstall;Windows PushToInstall-service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-12 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-26 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-26 945568]
S3 RetailDemo;Retaildemoservice;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-12 51288]
S3 rhproxy;Resource Hub-proxystuurprogramma;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-12 104448]
S3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2017-11-17 429568]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-12 51288]
S3 scmbus;Microsoft-stuurprogramma voor geheugenbus opslagklasse;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-19 128920]
S3 ScpVBus;Scp Virtual Bus Driver;C:\WINDOWS\System32\drivers\ScpVBus.sys [2016-3-27 42856]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-12 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-12 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-12 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-12 51288]
S3 SmsRouter;Microsoft Windows SMS Router-service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-12 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-7-26 976384]
S3 storufs;Microsoft Universal Flash Storage (UFS)-stuurprogramma;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-26 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-12 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-12 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-12 152576]
S3 UcmUcsi;UCSI-client van USB-connectorbeheer;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-12 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-12 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-12 282008]
S3 UfxChipidea;Chipidea USB-controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-12 98200]
S3 ufxsynopsys;Synopsys USB-controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-12 144288]
S3 UrsChipidea;Stuurprogramma voor Chipidea USB Role-Switch;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-12 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-12 67992]
S3 UrsSynopsys;Stuurprogramma voor Synopsys USB Role-Switch;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-12 28064]
S3 VacSvc;Volumetric Audio Compositor-service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
S3 vhf;Virtual HID Framework (VHF)-stuurprogramma;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-12 35328]
S3 vmgid;Microsoft Hyper-V-stuurprogramma voor de gastinfrastructuur;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-19 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-12 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-12 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-12 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-12 51288]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-12 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager-service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
S3 WinMad;WinMad-service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-12 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-7-26 227840]
S3 WinVerbs;WinVerbs-service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-12 64920]
S3 wisvc;Windows Insider-service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 wlpasvc;Lokale profielassistentservice;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-12 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
S3 WpcMonSvc;Ouderlijk toezicht;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-12 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-12 59512]
S3 XblGameSave;Games opslaan op Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 xboxgip;Xbox Game Input Protocol-stuurprogramma;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-26 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 XboxNetApiSvc;Netwerkservice van Xbox Live;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S3 xinputhid;Stuurprogramma voor XINPUT HID-filter;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-12 46592]
S3 xusb22;Stuurprogramma Service Xbox 360 Draadloze ontvanger 22;C:\WINDOWS\System32\drivers\xusb22.sys [2018-4-12 99328]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-12 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-12 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Updater van automatische tijdzone;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-12 51288]
SUnknown WdmCompanionFilter;WdmCompanionFilter; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-08-25 14:23:10 58120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{175455F4-738E-42AD-AD38-7AB349D7A1FE}\MpKsl38dc9e44.sys
2018-08-25 14:14:49 14821528 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{175455F4-738E-42AD-AD38-7AB349D7A1FE}\mpengine.dll
2018-08-25 13:07:42 14821528 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-08-24 20:49:15 -------- d-----w- C:\Users\Kjeld\AppData\Roaming\TS3Client
2018-08-24 20:48:59 -------- d-----w- C:\Program Files\TeamSpeak 3 Client
2018-08-19 17:02:29 -------- d-----w- C:\Users\Kjeld\AppData\Local\NVIDIA
2018-08-19 17:02:25 -------- d-----w- C:\Users\Kjeld\AppData\Local\VideoEditor
2018-08-19 17:02:25 -------- d-----w- C:\Users\Kjeld\AppData\Local\Movavi
2018-08-19 17:02:00 -------- d-----w- C:\Program Files\Movavi Video Editor 14
2018-08-19 17:01:35 -------- d-----w- C:\ProgramData\Movavi Video Editor 14
2018-08-19 15:20:05 -------- d-----w- C:\Users\Kjeld\AppData\Roaming\obs-studio
2018-08-19 15:19:50 -------- d-----w- C:\Program Files (x86)\obs-studio
2018-08-19 10:32:40 985784 ----a-w- C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.Desktop_16040.10325.20118.0_x86__8wekyb3d8bbwe\GAC_MSIL\Microsoft.Office.Interop.Visio\15.0.0.0__71E9BCE111E9429C\Microsoft.Office.Interop.Visio.dll
2018-08-19 10:31:23 7250400 ----a-w- C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\PackagedCom\Office16\OLMAPI32.DLL
2018-08-19 10:31:23 51888 ----a-w- C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\PackagedCom\Office16\OUTLRPC.DLL
2018-08-19 10:31:23 36520 ----a-w- C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\PackagedCom\Office16\SENDTO.DLL
2018-08-19 10:31:23 2842800 ----a-w- C:\ProgramData\Microsoft\Windows\PackagedEventProviders\Microsoft.Office.Desktop.Outlook_8wekyb3d8bbwe\MAPIR.DLL
2018-08-19 10:31:23 2842800 ----a-w- C:\ProgramData\Microsoft\Windows\PackagedEventProviders\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\MAPIR.DLL
2018-08-19 10:31:23 27840 ----a-w- C:\ProgramData\Microsoft\Windows\AppRepository\Packages\Microsoft.Office.Desktop.Outlook_16040.10325.20118.0_x86__8wekyb3d8bbwe\PackagedCom\Office16\TecProxy.dll
2018-08-06 21:30:23 -------- d-----w- C:\Users\Kjeld\AppData\Local\Colossal Order
2018-08-06 19:16:22 137712 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2018-08-06 19:15:56 -------- d-----w- C:\WINDOWS\System32\drivers\NVIDIA Corporation\Drs
2018-08-06 19:15:56 -------- d-----w- C:\WINDOWS\System32\drivers\NVIDIA Corporation
2018-07-27 13:44:16 -------- d-----w- C:\Users\Kjeld\AppData\Local\Rockstar Games
2018-07-27 13:43:52 -------- d-----w- C:\Program Files (x86)\Rockstar Games
2018-07-27 13:43:45 -------- d-----w- C:\Program Files\Rockstar Games
2018-07-27 12:50:31 -------- d-----w- C:\Users\Kjeld\AppData\Roaming\.mono
2018-07-27 12:50:31 -------- d-----w- C:\ProgramData\.mono
2018-07-26 20:01:51 -------- d-----w- C:\WINDOWS\System32\Microsoft
2018-07-26 20:01:51 -------- d-----w- C:\WINDOWS\ServiceProfiles
2018-07-26 19:59:59 98816 ----a-w- C:\WINDOWS\System32\TelephonyInteractiveUser.dll
2018-07-26 19:57:27 -------- d-----w- C:\WINDOWS\System32\wbem\it-IT
2018-07-26 19:57:26 -------- d-----w- C:\WINDOWS\System32\drivers\it-IT
2018-07-26 19:55:44 -------- d-----w- C:\WINDOWS\System32\wbem\fr-FR
2018-07-26 19:55:44 -------- d-----w- C:\WINDOWS\System32\drivers\fr-FR
2018-07-26 19:52:51 -------- d-----w- C:\WINDOWS\System32\drivers\nb-NO
2018-07-26 19:50:13 -------- d-----w- C:\WINDOWS\System32\wbem\de-DE
2018-07-26 19:50:12 -------- d-----w- C:\WINDOWS\System32\drivers\de-DE
2018-07-26 19:48:42 -------- d-----w- C:\WINDOWS\System32\drivers\da-DK
2018-07-26 19:47:19 -------- d-----w- C:\WINDOWS\System32\wbem\es-ES
2018-07-26 19:47:19 -------- d-----w- C:\WINDOWS\System32\drivers\es-ES
2018-07-26 19:45:54 -------- d-----w- C:\WINDOWS\System32\drivers\fi-FI
2018-07-26 19:43:38 -------- d-----w- C:\WINDOWS\System32\drivers\sv-SE
2018-07-26 19:41:09 575488 ----a-w- C:\WINDOWS\SysWow64\XpsFilt.dll
2018-07-26 19:40:51 9481728 ----a-w- C:\WINDOWS\System32\prm0013.dll
2018-07-26 19:39:38 245760 ----a-w- C:\WINDOWS\System32\notepad.exe
2018-07-26 19:39:38 245760 ----a-w- C:\WINDOWS\notepad.exe
2018-07-26 19:20:01 -------- d-----w- C:\Users\Kjeld\AppData\Roaming\Frontier Developments
2018-07-26 19:20:01 -------- d-----w- C:\Users\Kjeld\AppData\Local\Frontier Developments
2018-07-26 19:16:12 -------- d-----w- C:\Users\Kjeld\AppData\Local\Logitech
2018-07-26 19:14:55 -------- d-----w- C:\Program Files\Logitech Gaming Software
2018-07-26 19:14:33 -------- d-----w- C:\Users\Kjeld\AppData\Roaming\Logishrd
2018-07-26 19:10:31 -------- d-----w- C:\Users\Kjeld\AppData\Local\D3DSCache
2018-07-26 19:08:53 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2018-07-26 19:07:59 -------- d-----w- C:\ProgramData\USOShared
2018-07-26 19:07:50 2752000 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2018-07-26 19:05:53 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2018-07-26 19:05:53 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2018-07-26 19:05:11 -------- d--h--w- C:\Users\Kjeld\AppData
2018-07-26 19:05:11 -------- d-----w- C:\Users\Kjeld\AppData\Local\Temp
2018-07-26 19:05:11 -------- d-----w- C:\Users\Kjeld\AppData\Local\Microsoft
2018-07-26 19:04:45 140296 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2018-07-26 19:04:45 116744 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2018-07-26 19:03:49 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2018-07-26 19:03:43 -------- d-----w- C:\WINDOWS\System32\SleepStudy
.
==================== Find3M ====================
.
2018-08-06 15:19:36 836480 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-08-06 15:19:36 181120 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-08-03 08:39:20 790304 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2018-08-03 08:25:07 123392 ----a-w- C:\WINDOWS\System32\fontsub.dll
2018-08-03 08:25:01 178176 ----a-w- C:\WINDOWS\System32\t2embed.dll
2018-08-03 08:24:28 46592 ----a-w- C:\WINDOWS\System32\atmlib.dll
2018-08-03 08:24:26 66048 ----a-w- C:\WINDOWS\System32\msiexec.exe
2018-08-03 08:24:14 99328 ----a-w- C:\WINDOWS\System32\hlink.dll
2018-08-03 08:22:01 1127936 ----a-w- C:\WINDOWS\System32\nettrace.dll
2018-08-03 08:21:44 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-08-03 08:21:14 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-08-03 08:21:08 765440 ----a-w- C:\WINDOWS\System32\tdh.dll
2018-08-03 08:20:56 134144 ----a-w- C:\WINDOWS\System32\sppc.dll
2018-08-03 08:20:06 4049408 ----a-w- C:\WINDOWS\System32\msi.dll
2018-08-03 08:20:06 3652608 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-08-03 08:19:33 1661440 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2018-08-03 07:45:19 663128 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2018-08-03 07:33:45 98304 ----a-w- C:\WINDOWS\SysWow64\fontsub.dll
2018-08-03 07:33:45 138752 ----a-w- C:\WINDOWS\SysWow64\t2embed.dll
2018-08-03 07:32:30 60416 ----a-w- C:\WINDOWS\SysWow64\msiexec.exe
2018-08-03 07:30:42 99840 ----a-w- C:\WINDOWS\SysWow64\hlink.dll
2018-08-03 07:29:18 621568 ----a-w- C:\WINDOWS\SysWow64\tdh.dll
2018-08-03 07:28:30 2895360 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-08-03 07:27:52 1469952 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2018-08-03 07:27:39 4050432 ----a-w- C:\WINDOWS\SysWow64\msi.dll
2018-08-03 05:41:39 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-08-03 04:49:49 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-08-03 03:47:39 1034624 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-08-03 03:47:12 128920 ----a-w- C:\WINDOWS\System32\drivers\scmbus.sys
2018-08-03 03:46:54 269248 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-08-03 03:46:53 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-08-03 03:41:03 77608 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-08-03 03:41:01 61736 ----a-w- C:\WINDOWS\System32\hvhostsvc.dll
2018-08-03 03:41:01 568600 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-08-03 03:40:59 1221048 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-08-03 03:40:59 1064744 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-08-03 03:40:51 1030952 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-08-03 03:40:48 228136 ----a-w- C:\WINDOWS\System32\drivers\Ucx01000.sys
2018-08-03 03:40:46 136488 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-08-03 03:40:43 566568 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2018-08-03 03:40:20 72800 ----a-w- C:\WINDOWS\System32\wldp.dll
2018-08-03 03:39:58 75160 ----a-w- C:\WINDOWS\System32\drivers\vpci.sys
2018-08-03 03:39:50 709824 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-08-03 03:39:49 31648 ----a-w- C:\WINDOWS\System32\drivers\winhv.sys
2018-08-03 03:39:49 114080 ----a-w- C:\WINDOWS\System32\drivers\vmbus.sys
2018-08-03 03:39:36 170936 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-08-03 03:39:19 7519992 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-08-03 03:39:13 7436120 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-08-03 03:39:05 9091480 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-08-03 03:39:02 692240 ----a-w- C:\WINDOWS\System32\StructuredQuery.dll
2018-08-03 03:39:02 2829216 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2018-08-03 03:39:00 1457136 ----a-w- C:\WINDOWS\System32\winload.efi
2018-08-03 03:38:55 1945792 ----a-w- C:\WINDOWS\System32\ntdll.dll
2018-08-03 03:38:55 1097648 ----a-w- C:\WINDOWS\System32\msvproc.dll
2018-08-03 03:38:53 713368 ----a-w- C:\WINDOWS\System32\MSVideoDSP.dll
2018-08-03 03:38:53 1285536 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2018-08-03 03:38:52 1140576 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-08-03 03:38:50 983016 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-08-03 03:38:49 1258288 ----a-w- C:\WINDOWS\System32\winload.exe
2018-08-03 03:38:48 885856 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2018-08-03 03:38:42 604576 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-08-03 03:38:42 158720 ----a-w- C:\WINDOWS\System32\vertdll.dll
2018-08-03 03:38:32 115640 ----a-w- C:\WINDOWS\System32\kdnet.dll
2018-08-03 03:27:01 61032 ----a-w- C:\WINDOWS\SysWow64\wldp.dll
2018-08-03 03:26:02 6043600 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-08-03 03:25:50 6568784 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-08-03 03:25:44 1131064 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-08-03 03:25:42 583120 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-08-03 03:25:42 539168 ----a-w- C:\WINDOWS\SysWow64\StructuredQuery.dll
2018-08-03 03:25:42 1622296 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2018-08-03 03:25:38 568568 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-08-03 03:23:15 25846784 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-08-03 03:18:46 22007808 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-08-03 03:17:27 4380160 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-08-03 03:17:05 10240 ----a-w- C:\WINDOWS\System32\drivers\vmgid.sys
2018-08-03 03:16:33 144384 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2018-08-03 03:16:25 18432 ----a-w- C:\WINDOWS\System32\winshfhc.dll
2018-08-03 03:15:43 68096 ----a-w- C:\WINDOWS\System32\drivers\winhvr.sys
2018-08-03 03:15:08 8188928 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-08-03 03:14:42 113664 ----a-w- C:\WINDOWS\System32\WaaSAssessment.dll
2018-08-03 03:14:18 514560 ----a-w- C:\WINDOWS\System32\nltest.exe
2018-08-03 03:14:18 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-08-03 03:14:10 4867584 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-08-03 03:13:50 6661632 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-08-03 03:13:08 3395072 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-08-03 03:13:05 395776 ----a-w- C:\WINDOWS\System32\Search.ProtocolHandler.MAPI2.dll
2018-08-03 03:13:04 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-08-03 03:12:39 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-08-03 03:12:38 761344 ----a-w- C:\WINDOWS\System32\nshwfp.dll
2018-08-03 03:12:35 311296 ----a-w- C:\WINDOWS\System32\drivers\netbt.sys
2018-08-03 03:12:19 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-08-03 03:12:13 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-08-03 03:12:07 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-08-03 03:11:34 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-08-03 03:11:28 7577088 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-08-03 03:11:28 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-08-03 03:11:25 898560 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2018-08-03 03:11:23 3712000 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-08-03 03:11:21 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-08-03 03:11:14 983040 ----a-w- C:\WINDOWS\System32\wbiosrvc.dll
.
============= FINISH: 18:20:06,19 ===============

I do NOT have access to a windows install disc or boot cd.

Summarized what can be read in the other forum post:
Shortly after I got my pc completely up and running, my internet became terrible to work with. It would be unavailable more than available. Windows did not recognize it, but playing games, well, was impossible, if I could even load into one in the short time it was up, my experience would be nonexistent. No connection could be made with anything. All of the suggestions in the other forum post have been followed, none of them worked (for longer than 1 session).

Hope this helps, if any more info is needed, please let me know. I am at the same time waiting for an update from medion, whom I also have contacted. Hope to hear soon!

Attached Files

attach.txt (4.6 KB)

↧

Laptop freezing

August 26, 2018, 8:53 am

≫ Next: Facebook (blocked newsfeed)

≪ Previous: Redirect from another forumsection, internetproblems

My laptop keeps freezing & I have to power it off & restart to get back up. It happens more when I'm watching videos in full screen or playing a simple game on Facebook. Can someone help?

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by killi at 8:42:49 on 2018-08-26
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8049.4786 [GMT -7:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SensrSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
svchost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe
C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHeciSvc.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\Driver Support\DriverSupport.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe
C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxEM.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Users\killi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Users\killi\AppData\Local\chromium\Application\chrome.exe
C:\Users\killi\AppData\Local\Cisco\VideoGuardPlayer\VideoGuardMonitor\CiscoVideoGuardMonitor.exe
C:\Users\killi\AppData\Local\chromium\Application\chrome.exe
C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
C:\Users\killi\AppData\Local\Facebook\Games\FacebookGameroom.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Users\killi\AppData\Local\chromium\Application\chrome.exe
C:\Users\killi\AppData\Local\chromium\Application\chrome.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
C:\Users\killi\AppData\Local\Facebook\Games\Facebook Gameroom Browser.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k bcastdvruserservice -s BcastDVRUserService
C:\Program Files\ByteFence\ByteFence.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=arh&hsimp=yhs-001&type=zxy_83442e6b6dc95a08e5&param1=ArFaIWVoNqArQGMVHFFoNqAqBbFaISEaQGR7xTVoN9I4y7IsQGR7B7JoN9JbDSk8vFE9GqQANFdcFCk8wVI3vqYVvFE9IWYWNVA4JqYTNVFdJ6IWvFJdIWYYvFE9GqYVNUI3wGYGwVM3vCoVvFQ9GqUNNos3wCIYwVA9Jmk4wVA4ICITvFI9J6ILNFdcJ6k8NoFcFGUMwVU9JmITwVU9ImoVwV5cGWUSNFRcEqULNopcGWUIvmFbF6IXvFQ9J6oXNVU4ICIWwVQ9I6oXNVQ4JaYYwVw4IGYYvFRdJmISvFI9IWYTwVU9I6IWwVQ9IWYWvFM9JmoXvFM9IWYUvFE9IWQIwV5cGGUTNFRbDqUDNF5bDGUNNEU3wGQGvFM4J6oWvFE3vqYUvFQ4JmISNVA4ICIXwVQ9I6oUvFE4IGYUwVw3vGYTvFFdICISNVNdIGYXvFFdISIVwVI9JCk3wVVdJCIXNoU9GqYYNVc3wCoUQGR7B6RoN9JcMGNaLGR9MWF9QGR7BHFaISopzU0aCaV6CaV4C6wrAo0nx81cMo18NrFbMn0aC6AoxrFaIWVdOqZoNqAexbFaIUwkynIew6NoNpRcNXFbJpseyDF%3D&param2=NaB4NGVbLGF4
uLocal Page = %11%\blank.htm
BHO: McAfee WebAdvisor: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
StartupFolder: C:\Users\killi\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\FACEBO~1.LNK - C:\Users\killi\AppData\Local\Facebook\Games\FacebookGameroom.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
DPF: {9EF2BA47-C6A7-470D-9DD9-4323B0CB8353} - hxxp://192.168.1.17/WebClient.exe
DPF: {A4150320-98EC-4DB6-9BFB-EBF4B6FBEB16} - hxxp://192.168.1.11/codebase/DVM_IPCam2.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{8c844491-a4d5-4f69-bc3a-2ac3aea779b6} : DHCPNameServer = 172.51.1.171
TCP: Interfaces\{8cf38701-0fbd-48d3-a0fe-96550aa0aa75} : DHCPNameServer = 192.168.1.1
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: McAfee WebAdvisor: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [QuickSet] c:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [cAudioFilterAgent] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
x64-Run: [WavesSvc] "C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe"
x64-Run: [SmartAudio] C:\Program Files\Conexant\SA3\Dell-Notebook\SACpl.exe /sa3 /nv:3.0+ /uid:Dell-Notebook /s /dne
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.1 mssplus.mcafee.com
Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
Hosts: 0.0.0.0 media.opencandy.com
Hosts: 0.0.0.0 cdn.opencandy.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2016-3-17 1462720]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-18 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 MpKsl6a070500;MpKsl6a070500;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD18F3B2-49D8-455B-8392-1DFF7FB9341C}\MpKsl6a070500.sys [2018-8-25 58120]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_4931c;Connected Devices Platform User Service_4931c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-14 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 cplspcon;Intel(R) Content Protection HDCP Service;C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\IntelCpHDCPSvc.exe [2018-3-22 487856]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DpmLiteDrv;DpmLiteDrv;C:\Program Files\Dell\QuickSet\DpmLiteDrv64.sys [2014-10-15 15080]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 esifsvc;ESIF Upper Framework Service;C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [2016-9-7 1585784]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\DriverStore\FileRepository\ki127176.inf_amd64_86c658cabfb17c9c\igfxCUIService.exe [2018-3-22 423856]
R2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;C:\Program Files (x86)\McAfee\SiteAdvisor\mcsacore.exe [2018-7-19 604824]
R2 OneSyncSvc_4931c;Sync Host_4931c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 rtop;rtop;C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [2017-1-1 297288]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-14 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_4931c;Windows Push Notifications User Service_4931c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 BcastDVRUserService_4931c;GameDVR and Broadcast User Service_4931c;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 dptf_acpi;dptf_acpi;C:\WINDOWS\System32\drivers\dptf_acpi.sys [2016-9-7 70208]
R3 dptf_cpu;dptf_cpu;C:\WINDOWS\System32\drivers\dptf_cpu.sys [2016-9-7 65088]
R3 esif_lf;esif_lf;C:\WINDOWS\System32\drivers\esif_lf.sys [2016-9-7 343608]
R3 HidEventFilter;Intel(R) HID Event Filter;C:\WINDOWS\System32\drivers\HidEventFilter.sys [2016-3-17 43512]
R3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
R3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2016-10-15 250624]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-12-8 820168]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2018-7-19 111608]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 Netwtw04;___ Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit;C:\WINDOWS\System32\drivers\Netwtw04.sys [2018-4-11 7689728]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_4931c;Contact Data_4931c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 SensorsHIDClassDriver;UMDF Reflector service for Sensors HID Class Driver;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_4931c;User Data Storage_4931c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_4931c;User Data Access_4931c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 VirtualButtons;Intel(R) Virtual Buttons;C:\WINDOWS\System32\drivers\VirtualButtons.sys [2017-3-31 41992]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-7-30 61992]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [2018-7-30 3905952]
R3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-3-17 143144]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_4931c;Bluetooth User Support Service_4931c;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-3-17 143144]
S3 DevicePickerUserSvc_4931c;DevicePicker_4931c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_4931c;DevicesFlow_4931c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_4931c;MessagingService_4931c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_4931c;PrintWorkflow_4931c;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-18 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-18 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-12 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-18 48544]
S3 SWDUMon;SWDUMon;C:\WINDOWS\System32\drivers\SWDUMon.sys [2016-8-21 13920]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-14 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-18 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 AESMService;Intel® SGX AESM;C:\Program Files\Intel\IntelSGXPSW\bin\x64\Release\aesm_service.exe [2015-9-30 3715208]
S4 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-9-7 83768]
S4 ByteFenceService;ByteFence Anti-Malware Service;C:\Program Files\ByteFence\ByteFenceService.exe [2018-5-15 157512]
S4 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-2-13 1413736]
S4 CxAudMsg;Conexant Audio Message Service;C:\WINDOWS\System32\CxAudMsg64.exe [2016-3-17 206552]
S4 CxUtilSvc;CxUtilSvc;C:\Program Files\CONEXANT\SA3\Dell-Notebook\CxUtilSvc.exe [2016-3-17 135288]
S4 Dell Customer Connect;Dell Customer Connect;C:\Program Files (x86)\Dell Customer Connect\DCCService.exe [2016-12-21 130936]
S4 Dell Foundation Services;Dell Foundation Services;C:\Program Files\Dell\Dell Foundation Services\DFSSvc.exe [2017-1-11 97616]
S4 Dell Help & Support;Dell Help & Support;C:\Program Files\Dell\Dell Help & Support\MDLCSvc.exe [2016-12-22 77648]
S4 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2015-6-23 238320]
S4 DSAO;Driver Support AO Service;C:\Program Files (x86)\Veloxum\iPTE\DriverSupportAOsvc.exe [2016-8-30 2033104]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S4 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
S4 Intel(R) WiDi SAM;Intel(R) WiDi Software Asset Manager;C:\Program Files (x86)\Intel Corporation\Intel WiDi\Intel(R) Software Asset Manager\bin\IntelSoftwareAssetManagerService.exe [2015-6-23 19088]
S4 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
S4 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-9-18 207648]
S4 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [2017-9-5 404376]
S4 MyWiFiDHCPDNS;Wireless PAN DHCP Server;C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [2017-2-13 268704]
S4 Product Registration;Product Registration;C:\Program Files\Dell\Dell Product Registration\PRSvc.exe [2017-4-6 47144]
S4 RosettaStoneDaemon;RosettaStoneDaemon;C:\Program Files (x86)\RosettaStoneLtdServices\RosettaStoneDaemon.exe [2012-6-19 1646608]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 SlimService;SlimWare Utility Service Launcher;C:\Program Files\SlimService\SlimServiceFactory.exe [2016-7-25 252096]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S4 WavesSysSvc;Waves Audio Services;C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe [2015-7-7 564144]
S4 ZeroConfigService;Intel(R) PROSet/Wireless Zero Configuration Service;C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [2017-2-13 3743648]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-08-26 15:39:07 14821528 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{FC6AAE42-0593-4437-BCEC-52CA82CE7B42}\mpengine.dll
2018-08-25 18:39:35 58120 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{DD18F3B2-49D8-455B-8392-1DFF7FB9341C}\MpKsl6a070500.sys
2018-08-25 16:49:11 14821528 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-08-17 18:08:13 -------- d-sh--w- C:\ProgramData\ms-drivers
2018-08-17 18:08:13 -------- d-sh--w- C:\ProgramData\icsxml
2018-08-15 02:03:59 884224 ----a-w- C:\WINDOWS\System32\NMAA.dll
2018-08-11 01:13:52 -------- d-----w- C:\Users\killi\opera autoupdate
.
==================== Find3M ====================
.
2018-08-06 15:19:36 836480 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-08-06 15:19:36 181120 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-08-03 08:39:20 790304 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2018-08-03 08:25:07 123392 ----a-w- C:\WINDOWS\System32\fontsub.dll
2018-08-03 08:25:01 178176 ----a-w- C:\WINDOWS\System32\t2embed.dll
2018-08-03 08:24:28 46592 ----a-w- C:\WINDOWS\System32\atmlib.dll
2018-08-03 08:24:26 66048 ----a-w- C:\WINDOWS\System32\msiexec.exe
2018-08-03 08:24:14 99328 ----a-w- C:\WINDOWS\System32\hlink.dll
2018-08-03 08:22:01 1127936 ----a-w- C:\WINDOWS\System32\nettrace.dll
2018-08-03 08:21:44 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-08-03 08:21:14 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-08-03 08:21:08 765440 ----a-w- C:\WINDOWS\System32\tdh.dll
2018-08-03 08:20:56 134144 ----a-w- C:\WINDOWS\System32\sppc.dll
2018-08-03 08:20:06 4049408 ----a-w- C:\WINDOWS\System32\msi.dll
2018-08-03 08:20:06 3652608 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-08-03 08:19:33 1661440 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2018-08-03 07:45:19 663128 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2018-08-03 07:33:45 98304 ----a-w- C:\WINDOWS\SysWow64\fontsub.dll
2018-08-03 07:33:45 138752 ----a-w- C:\WINDOWS\SysWow64\t2embed.dll
2018-08-03 07:32:30 60416 ----a-w- C:\WINDOWS\SysWow64\msiexec.exe
2018-08-03 07:30:42 99840 ----a-w- C:\WINDOWS\SysWow64\hlink.dll
2018-08-03 07:29:18 621568 ----a-w- C:\WINDOWS\SysWow64\tdh.dll
2018-08-03 07:28:30 2895360 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-08-03 07:27:52 1469952 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2018-08-03 07:27:39 4050432 ----a-w- C:\WINDOWS\SysWow64\msi.dll
2018-08-03 05:41:39 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-08-03 04:49:49 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-08-03 03:47:39 1034624 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-08-03 03:47:12 128920 ----a-w- C:\WINDOWS\System32\drivers\scmbus.sys
2018-08-03 03:46:54 269248 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-08-03 03:46:53 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-08-03 03:41:03 77608 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-08-03 03:41:01 61736 ----a-w- C:\WINDOWS\System32\hvhostsvc.dll
2018-08-03 03:41:01 568600 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-08-03 03:40:59 1221048 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-08-03 03:40:59 1064744 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-08-03 03:40:51 1030952 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-08-03 03:40:48 228136 ----a-w- C:\WINDOWS\System32\drivers\Ucx01000.sys
2018-08-03 03:40:46 136488 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-08-03 03:40:43 566568 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2018-08-03 03:40:20 72800 ----a-w- C:\WINDOWS\System32\wldp.dll
2018-08-03 03:39:58 75160 ----a-w- C:\WINDOWS\System32\drivers\vpci.sys
2018-08-03 03:39:50 709824 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-08-03 03:39:49 31648 ----a-w- C:\WINDOWS\System32\drivers\winhv.sys
2018-08-03 03:39:49 114080 ----a-w- C:\WINDOWS\System32\drivers\vmbus.sys
2018-08-03 03:39:36 170936 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-08-03 03:39:19 7519992 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-08-03 03:39:13 7436120 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-08-03 03:39:05 9091480 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-08-03 03:39:02 692240 ----a-w- C:\WINDOWS\System32\StructuredQuery.dll
2018-08-03 03:39:02 2829216 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2018-08-03 03:39:00 1457136 ----a-w- C:\WINDOWS\System32\winload.efi
2018-08-03 03:38:55 1945792 ----a-w- C:\WINDOWS\System32\ntdll.dll
2018-08-03 03:38:55 1097648 ----a-w- C:\WINDOWS\System32\msvproc.dll
2018-08-03 03:38:53 713368 ----a-w- C:\WINDOWS\System32\MSVideoDSP.dll
2018-08-03 03:38:53 1285536 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2018-08-03 03:38:52 1140576 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-08-03 03:38:50 983016 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-08-03 03:38:49 1258288 ----a-w- C:\WINDOWS\System32\winload.exe
2018-08-03 03:38:48 885856 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2018-08-03 03:38:42 604576 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-08-03 03:38:42 158720 ----a-w- C:\WINDOWS\System32\vertdll.dll
2018-08-03 03:38:32 115640 ----a-w- C:\WINDOWS\System32\kdnet.dll
2018-08-03 03:27:01 61032 ----a-w- C:\WINDOWS\SysWow64\wldp.dll
2018-08-03 03:26:02 6043600 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-08-03 03:25:50 6568784 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-08-03 03:25:44 1131064 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-08-03 03:25:42 583120 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-08-03 03:25:42 539168 ----a-w- C:\WINDOWS\SysWow64\StructuredQuery.dll
2018-08-03 03:25:42 1622296 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2018-08-03 03:25:38 568568 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-08-03 03:23:15 25846784 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-08-03 03:18:46 22007808 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-08-03 03:17:27 4380160 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-08-03 03:17:05 10240 ----a-w- C:\WINDOWS\System32\drivers\vmgid.sys
2018-08-03 03:16:33 144384 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2018-08-03 03:16:25 18432 ----a-w- C:\WINDOWS\System32\winshfhc.dll
2018-08-03 03:15:43 68096 ----a-w- C:\WINDOWS\System32\drivers\winhvr.sys
2018-08-03 03:15:08 8188928 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-08-03 03:14:42 113664 ----a-w- C:\WINDOWS\System32\WaaSAssessment.dll
2018-08-03 03:14:18 514560 ----a-w- C:\WINDOWS\System32\nltest.exe
2018-08-03 03:14:18 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-08-03 03:14:10 4867584 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-08-03 03:13:50 6661632 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-08-03 03:13:08 3395072 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-08-03 03:13:05 395776 ----a-w- C:\WINDOWS\System32\Search.ProtocolHandler.MAPI2.dll
2018-08-03 03:13:04 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-08-03 03:12:39 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-08-03 03:12:38 761344 ----a-w- C:\WINDOWS\System32\nshwfp.dll
2018-08-03 03:12:35 311296 ----a-w- C:\WINDOWS\System32\drivers\netbt.sys
2018-08-03 03:12:19 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-08-03 03:12:13 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-08-03 03:12:07 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-08-03 03:11:34 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-08-03 03:11:28 7577088 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-08-03 03:11:28 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-08-03 03:11:25 898560 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2018-08-03 03:11:23 3712000 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-08-03 03:11:21 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-08-03 03:11:14 983040 ----a-w- C:\WINDOWS\System32\wbiosrvc.dll
.
============= FINISH: 8:44:39.48 ===============

Attached Files

attach.txt (9.6 KB)

↧

Facebook (blocked newsfeed)

August 29, 2018, 2:33 pm

≫ Next: Bullguard Trojan

≪ Previous: Laptop freezing

Facebook newsfeed is blocked out

Dear TSF,

All 3 major web browsers are blocking my news feed, I'm also afraid that malware
has infected my Iphone's facebook application. + PC clock, is always needing to be reset.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by Cow Robot at 17:28:25 on 2018-08-29
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.16314.13494 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan *Enabled/Updated* {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Enabled/Updated* {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall *Enabled* {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\program files\common files\mcafee\modulecore\modulecoreservice.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\ibtsiva.exe
C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE
C:\WINDOWS\system32\valWBFPolicyService.exe
C:\WINDOWS\system32\mfevtps.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\mfevtps.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\VSCore_18_5\McApExe.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\sihost.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
C:\WINDOWS\system32\SettingSyncHost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Users\Cow Robot\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
c:\program files\common files\mcafee\modulecore\ModuleCoreService.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18061.17410.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.18071.11711.0_x64__8wekyb3d8bbwe\Music.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11807.1001.13.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1807.2121.0_x64__8wekyb3d8bbwe\Calculator.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18071.11811.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\PROGRA~1\COMMON~1\McAfee\Platform\McUICnt.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
c:\windows\system32\taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uRun: [OneDrive] "C:\Users\Cow Robot\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{1c636224-c92b-4f8d-85cc-6c6f6503892b} : DHCPNameServer = 192.168.1.1
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Cow Robot\AppData\Roaming\Mozilla\Firefox\Profiles\15r13yfo.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/
FF - plugin: c:\PROGRA~1\mcafee\msc\npMcSnFFPl64.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-6-23 1455552]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2018-5-16 954784]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2018-5-16 252832]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-11 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_263c01;Connected Devices Platform User Service_263c01;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-15 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2018-5-3 353768]
R2 McAPExe;McAfee AP Service;C:\Program Files\Common Files\McAfee\VSCore_18_5\mcapexe.exe [2018-8-26 728808]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe [2018-4-6 2141912]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2018-8-26 519120]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2018-8-26 473552]
R2 ModuleCoreService;McAfee Module Core Service;C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [2018-8-26 1689952]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-8-26 464456]
R2 OneSyncSvc_263c01;Sync Host_263c01;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 PEFService;McAfee PEF Service;C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [2018-8-26 1047448]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-4-23 294616]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-15 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-8-18 278616]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 valWBFPolicyService;Synaptics FP WBF Policy Service;C:\WINDOWS\System32\valWBFPolicyService.exe [2016-3-9 100384]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_263c01;Windows Push Notifications User Service_263c01;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2018-5-16 77216]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2018-5-15 136720]
R3 ISCT;Intel(R) Smart Connect Technology Device Driver;C:\WINDOWS\System32\drivers\ISCTD64.sys [2013-8-13 46568]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 mfeaack;McAfee Inc. mfeaack;C:\WINDOWS\System32\drivers\mfeaack.sys [2018-5-16 497568]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2018-5-16 361888]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2018-5-16 533408]
R3 mfencbdc;McAfee LLC. mfencbdc;C:\WINDOWS\System32\drivers\mfencbdc.sys [2018-5-3 550288]
R3 mfeplk;McAfee Inc. mfeplk;C:\WINDOWS\System32\drivers\mfeplk.sys [2018-5-16 115616]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2018-5-11 3586072]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_263c01;Contact Data_263c01;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-23 886528]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-6-7 55384]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_263c01;User Data Storage_263c01;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_263c01;User Data Access_263c01;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2018-2-2 34960]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2018-5-16 83952]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 BcastDVRUserService_263c01;GameDVR and Broadcast User Service_263c01;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_263c01;Bluetooth User Support Service_263c01;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClientAnalyticsService;ClientAnalyticsService;C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [2018-8-26 1508656]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevicePickerUserSvc_263c01;DevicePicker_263c01;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_263c01;DevicesFlow_263c01;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-15 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GetSusp;GetSusp;C:\Windows\GetSusp.sys [2018-8-26 16680]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2018-8-26 226984]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_263c01;MessagingService_263c01;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2018-8-26 359888]
S3 mfencrk;McAfee LLC. mfencrk;C:\WINDOWS\System32\drivers\mfencrk.sys [2018-5-3 108944]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 NvStUSB;NVIDIA Stereoscopic 3D USB driver;C:\WINDOWS\System32\drivers\nvstusb.sys [2017-5-18 486936]
S3 NVSWCFilter;NVIDIA SHIELD Wireless Controller Trackpad Service;C:\WINDOWS\System32\drivers\nvswcfilter.sys [2017-11-30 26560]
S3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2018-1-8 57792]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_263c01;PrintWorkflow_263c01;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-11 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-11 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2014-8-26 272600]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2014-8-26 331992]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-15 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2017-6-7 53848]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-13 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-5-25 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-11 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-13 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2018-2-1 54784]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-15 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2015-11-12 26880]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-13 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-8-26 61992]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [2018-8-26 3905952]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-15 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-11 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-08-28 11:04:53 -------- d--h--w- C:\OneDriveTemp
2018-08-26 18:25:22 16680 ----a-w- C:\WINDOWS\GetSusp.sys
2018-08-26 18:14:44 -------- d-----w- C:\Program Files (x86)\LogMeIn Rescue Applet
2018-08-26 18:14:15 -------- d-----w- C:\Users\Cow Robot\AppData\Local\LogMeIn Rescue Applet
2018-08-26 17:40:01 226984 ----a-w- C:\WINDOWS\System32\drivers\HipShieldK.sys
2018-08-26 17:39:00 -------- d-----w- C:\Program Files\McAfee.com
2018-08-26 17:38:59 -------- d-----w- C:\Program Files\McAfee
2018-08-26 17:38:22 -------- d-----w- C:\Program Files\Common Files\AV
2018-08-26 17:38:20 -------- d-----w- C:\Program Files (x86)\McAfee
2018-08-26 17:37:22 473552 ----a-w- C:\WINDOWS\System32\mfevtps.exe
2018-08-26 17:37:22 -------- d-----w- C:\Program Files\Common Files\McAfee
2018-08-26 17:37:22 -------- d-----w- C:\Program Files (x86)\Common Files\McAfee
2018-08-26 08:48:51 14821528 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{A025A9B6-80BB-4D7B-B672-E657CC8AC5F9}\mpengine.dll
2018-08-26 08:48:23 -------- d-----w- C:\WINDOWS\System32\MRT
2018-08-26 06:35:32 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2018-08-26 06:33:44 2752000 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2018-08-26 06:31:31 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2018-08-26 06:31:31 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2018-08-26 06:31:26 -------- d-sh--we C:\ProgramData\Documents
2018-08-26 06:31:26 -------- d-sh--we C:\Documents and Settings
2018-08-26 06:23:22 -------- d-----w- C:\ProgramData\Synaptics
2018-08-26 06:21:57 -------- d-----w- C:\ProgramData\NVIDIA Corporation
2018-08-26 06:21:48 -------- d-----w- C:\Program Files\NVIDIA Corporation
2018-08-26 06:21:48 -------- d-----w- C:\Program Files (x86)\NVIDIA Corporation
2018-08-26 06:21:42 -------- d-----w- C:\ProgramData\USOShared
2018-08-26 06:19:16 -------- d-----w- C:\WINDOWS\System32\drivers\wd
2018-08-26 06:19:11 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2018-08-26 06:18:22 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2018-08-26 06:18:22 -------- d-----w- C:\WINDOWS\ServiceProfiles
2018-08-26 06:18:19 -------- d-s---w- C:\WINDOWS\System32\Microsoft
2018-08-26 05:48:50 14821528 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-08-26 05:48:38 563832 ------w- C:\WINDOWS\System32\MpSigStub.exe
2018-08-26 05:20:29 -------- d-----w- C:\Users\Cow Robot\AppData\Local\DBG
2018-08-26 04:34:44 -------- d-----w- C:\Users\Cow Robot\AppData\Roaming\ArcadeGameSeries
2018-08-26 04:25:46 -------- d-----w- C:\Users\Cow Robot\AppData\Local\Steam
2018-08-26 04:25:46 -------- d-----w- C:\Users\Cow Robot\AppData\Local\CEF
2018-08-26 04:22:52 -------- d-----w- C:\Program Files (x86)\Common Files\Steam
2018-08-26 04:22:48 -------- d-----w- C:\Program Files (x86)\Steam
2018-08-26 04:02:28 -------- d-----w- C:\Users\Cow Robot\AppData\Local\Comms
2018-08-26 04:01:50 -------- d-----w- C:\ProgramData\Packages
.
==================== Find3M ====================
.
2018-08-28 11:04:29 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-08-26 08:42:58 61992 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-08-26 08:42:58 46584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-08-26 08:42:58 340008 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-08-26 06:22:59 6567 ----a-w- C:\WINDOWS\System32\drivers\rtkhdasetting.zip
2018-08-26 06:22:48 200 ----a-w- C:\WINDOWS\System32\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
2018-08-26 06:22:40 0 ----a-w- C:\WINDOWS\System32\GfxValDisplayLog.bin
2018-08-26 03:14:30 208384 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2018-08-26 03:14:28 229376 ----a-w- C:\WINDOWS\System32\msclmd.dll
2018-08-26 01:37:55 287232 ------w- C:\WINDOWS\System32\drivers\mrxsmb10.sys
2018-08-26 01:16:35 133632 ----a-w- C:\WINDOWS\System32\browser.dll
2018-08-06 15:19:36 836480 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-08-06 15:19:36 181120 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-08-03 08:39:20 790304 ------w- C:\WINDOWS\System32\fontdrvhost.exe
2018-08-03 08:25:07 123392 ------w- C:\WINDOWS\System32\fontsub.dll
2018-08-03 08:25:01 178176 ------w- C:\WINDOWS\System32\t2embed.dll
2018-08-03 08:24:28 46592 ------w- C:\WINDOWS\System32\atmlib.dll
2018-08-03 08:24:26 66048 ------w- C:\WINDOWS\System32\msiexec.exe
2018-08-03 08:24:14 99328 ------w- C:\WINDOWS\System32\hlink.dll
2018-08-03 08:22:01 1127936 ------w- C:\WINDOWS\System32\nettrace.dll
2018-08-03 08:21:44 1121792 ------w- C:\WINDOWS\System32\TSWorkspace.dll
2018-08-03 08:21:14 1364992 ------w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-08-03 08:21:08 765440 ------w- C:\WINDOWS\System32\tdh.dll
2018-08-03 08:20:56 134144 ------w- C:\WINDOWS\System32\sppc.dll
2018-08-03 08:20:06 4049408 ------w- C:\WINDOWS\System32\msi.dll
2018-08-03 08:20:06 3652608 ------w- C:\WINDOWS\System32\win32kfull.sys
2018-08-03 08:19:33 1661440 ------w- C:\WINDOWS\System32\GdiPlus.dll
2018-08-03 07:45:19 663128 ------w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2018-08-03 07:33:45 98304 ------w- C:\WINDOWS\SysWow64\fontsub.dll
2018-08-03 07:33:45 138752 ------w- C:\WINDOWS\SysWow64\t2embed.dll
2018-08-03 07:32:30 60416 ------w- C:\WINDOWS\SysWow64\msiexec.exe
2018-08-03 07:30:42 99840 ------w- C:\WINDOWS\SysWow64\hlink.dll
2018-08-03 07:29:18 621568 ------w- C:\WINDOWS\SysWow64\tdh.dll
2018-08-03 07:28:30 2895360 ------w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-08-03 07:27:52 1469952 ------w- C:\WINDOWS\SysWow64\GdiPlus.dll
2018-08-03 07:27:39 4050432 ------w- C:\WINDOWS\SysWow64\msi.dll
2018-08-03 05:41:39 1008640 ------w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-08-03 04:49:49 868864 ------w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-08-03 03:47:39 1034624 ------w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-08-03 03:47:12 128920 ----a-w- C:\WINDOWS\System32\drivers\scmbus.sys
2018-08-03 03:46:54 269248 ------w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-08-03 03:46:53 272296 ------w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-08-03 03:41:03 77608 ------w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-08-03 03:41:01 61736 ------w- C:\WINDOWS\System32\hvhostsvc.dll
2018-08-03 03:41:01 568600 ------w- C:\WINDOWS\System32\tcblaunch.exe
2018-08-03 03:40:59 1221048 ------w- C:\WINDOWS\System32\hvix64.exe
2018-08-03 03:40:59 1064744 ------w- C:\WINDOWS\System32\SecConfig.efi
2018-08-03 03:40:51 1030952 ------w- C:\WINDOWS\System32\hvax64.exe
2018-08-03 03:40:48 228136 ------w- C:\WINDOWS\System32\drivers\Ucx01000.sys
2018-08-03 03:40:46 136488 ------w- C:\WINDOWS\System32\hvloader.dll
2018-08-03 03:40:43 566568 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2018-08-03 03:40:20 72800 ------w- C:\WINDOWS\System32\wldp.dll
2018-08-03 03:39:58 75160 ----a-w- C:\WINDOWS\System32\drivers\vpci.sys
2018-08-03 03:39:50 709824 ------w- C:\WINDOWS\System32\drivers\cng.sys
2018-08-03 03:39:49 31648 ------w- C:\WINDOWS\System32\drivers\winhv.sys
2018-08-03 03:39:49 114080 ----a-w- C:\WINDOWS\System32\drivers\vmbus.sys
2018-08-03 03:39:36 170936 ------w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-08-03 03:39:19 7519992 ------w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-08-03 03:39:13 7436120 ------w- C:\WINDOWS\System32\windows.storage.dll
2018-08-03 03:39:05 9091480 ------w- C:\WINDOWS\System32\ntoskrnl.exe
2018-08-03 03:39:02 692240 ------w- C:\WINDOWS\System32\StructuredQuery.dll
2018-08-03 03:39:02 2829216 ------w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2018-08-03 03:39:00 1457136 ------w- C:\WINDOWS\System32\winload.efi
2018-08-03 03:38:55 1945792 ------w- C:\WINDOWS\System32\ntdll.dll
2018-08-03 03:38:55 1097648 ------w- C:\WINDOWS\System32\msvproc.dll
2018-08-03 03:38:53 713368 ------w- C:\WINDOWS\System32\MSVideoDSP.dll
2018-08-03 03:38:53 1285536 ------w- C:\WINDOWS\System32\drivers\ndis.sys
2018-08-03 03:38:52 1140576 ------w- C:\WINDOWS\System32\winresume.efi
2018-08-03 03:38:50 983016 ------w- C:\WINDOWS\System32\winresume.exe
2018-08-03 03:38:49 1258288 ------w- C:\WINDOWS\System32\winload.exe
2018-08-03 03:38:48 885856 ------w- C:\WINDOWS\System32\CoreMessaging.dll
2018-08-03 03:38:42 604576 ------w- C:\WINDOWS\System32\securekernel.exe
2018-08-03 03:38:42 158720 ------w- C:\WINDOWS\System32\vertdll.dll
2018-08-03 03:38:32 115640 ------w- C:\WINDOWS\System32\kdnet.dll
2018-08-03 03:27:01 61032 ------w- C:\WINDOWS\SysWow64\wldp.dll
2018-08-03 03:26:02 6043600 ------w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-08-03 03:25:50 6568784 ------w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-08-03 03:25:44 1131064 ------w- C:\WINDOWS\SysWow64\msvproc.dll
2018-08-03 03:25:42 583120 ------w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-08-03 03:25:42 539168 ------w- C:\WINDOWS\SysWow64\StructuredQuery.dll
2018-08-03 03:25:42 1622296 ------w- C:\WINDOWS\SysWow64\ntdll.dll
2018-08-03 03:25:38 568568 ------w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-08-03 03:23:15 25846784 ------w- C:\WINDOWS\System32\edgehtml.dll
2018-08-03 03:18:46 22007808 ------w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-08-03 03:17:27 4380160 ------w- C:\WINDOWS\System32\EdgeContent.dll
2018-08-03 03:17:05 10240 ----a-w- C:\WINDOWS\System32\drivers\vmgid.sys
2018-08-03 03:16:33 144384 ------w- C:\WINDOWS\System32\mssprxy.dll
2018-08-03 03:16:25 18432 ------w- C:\WINDOWS\System32\winshfhc.dll
2018-08-03 03:15:43 68096 ------w- C:\WINDOWS\System32\drivers\winhvr.sys
2018-08-03 03:15:08 8188928 ------w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-08-03 03:14:42 113664 ------w- C:\WINDOWS\System32\WaaSAssessment.dll
2018-08-03 03:14:18 514560 ------w- C:\WINDOWS\System32\nltest.exe
2018-08-03 03:14:18 209408 ------w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-08-03 03:14:10 4867584 ------w- C:\WINDOWS\System32\jscript9.dll
2018-08-03 03:13:50 6661632 ------w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-08-03 03:13:08 3395072 ------w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-08-03 03:13:05 395776 ------w- C:\WINDOWS\System32\Search.ProtocolHandler.MAPI2.dll
2018-08-03 03:13:04 154112 ------w- C:\WINDOWS\System32\Chakradiag.dll
2018-08-03 03:12:39 3392000 ------w- C:\WINDOWS\System32\tquery.dll
2018-08-03 03:12:38 761344 ------w- C:\WINDOWS\System32\nshwfp.dll
.
============= FINISH: 17:28:58.16 ===============

Attached Files

DDS text for TSF.txt (46.0 KB)

↧

Bullguard Trojan

September 24, 2018, 4:29 am

≫ Next: Randomly downloaded a file simply called "$"

≪ Previous: Facebook (blocked newsfeed)

Hi,
A friend asked me to have a look at his windows 10 PC regarding a pop-up warning he keeps receiving regarding a Trojan threat. He is using Bullguard.
Sure enough after about 5 minutes the pop-up appears stating Trojan found. Looking at the details, its located on C: drive, and reads:user\username\appdata\roaming\stafrvtm\barrcvdd.exe
I googled this but it didnt return a result so Im a bit puzzled. I ran a full scan using Bullguard and it was clear, however, this warning kept appearing at regular intervals.
As this is not my PC Im reluctant to delete the exe file.
Can anyone shed some light on this so that I can resolve the situation for him?
Thanks

↧

Randomly downloaded a file simply called "$"

September 24, 2018, 4:21 pm

≫ Next: Win Erx03 pops up constantly

≪ Previous: Bullguard Trojan

I was on a wiki just now for a mobile game I play, and I visit this wiki all the time, and never had anything odd happen. But just now, when I was navigating the site, my Chrome browser randomly downloaded a file called "$". I'm super paranoid about malware and whatnot, so I'm kind of freaking out.

I immediately scanned the file with Malwarebytes, and it didn't turn up anything bad, and I immediately deleted the file and emptied my recycling bin. Is there any other way I can know if that was something bad that infected my computer?

I also went into my Chrome downloads, and I copied the entire link from the file that was downloaded, so I have the link, but I don't know if I should post it here in case it is something bad. Is there any way to tell from a URL if it's malware related?

↧

Win Erx03 pops up constantly

September 29, 2018, 4:18 am

≫ Next: Trojan:Win32/Starter.R

≪ Previous: Randomly downloaded a file simply called "$"

This has just started. Almost impossible to close the page except by using Task Manager but then it pops up again. It is not in the download list in control panel nor in my search providers. I've changed my default homepage. I've done a search in the Registry to no avail so it must be residing somewhere.
All help gratefully received.
P.S. I would send likes as I believe people who help should be rewarded somehow but I do not belong to any social media so I'll send a personal like here.

↧

Trojan:Win32/Starter.R

October 9, 2018, 6:31 pm

≫ Next: Slow Internet, OpenLoader Ads, and Google Chrome Homepage Redirects

≪ Previous: Win Erx03 pops up constantly

Defender finds the threat Trojan:Win32/Starter.R about 3-4x a day. Each time I remove it, but awhile later it hits on it again. I've also ran Malwarebytes and removed it with it several times, but still apparently shows back up. I've seen online when I was searching for info on it, several sites saying it can be easy to permanently remove BUT by using their program. I don't trust just every program that boasts being a legit virus remover. Needless to say I figured I'd come here (cause I know to trust any program you may recommend, if needed).
Thank you for your time and assistance.

P.S. I don't think I have easy access to windows boot cd

THIS IS WHAT "DETAILS" DEFENDER GIVES EACH TIME IT NOTIFIES ME OF IT

Trojan:Win32/Starter.R
CmdLine: \Device\HarddiskVolume4\Windows\System32\cmd.exe "cmd.exe" /c start /min cmd /c "(echo @echo off > "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo bitsadmin /complete 89331b0d-24f7-1 ^> nul >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo bitsadmin /cancel 89331b0d-24f7-1 ^> nul >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo if exist "C:\ProgramData\89331b0d-24f7-1\89331b0d-24f7-1.d" goto q >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & for /f %i in ('dir /a:-d /b /w "C:\ProgramData\89331b0d-24f7-1\*.tmp"') do (echo start /b /min regsvr32.exe /s /n /i:"!=2c250bf689331b0c " "C:\ProgramData\89331b0d-24f7-1\%i" >> "C:\ProgramData\89331b0d-24f7-1\x.bat")) > nul & echo :q >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo start /b /min regsvr32.exe /s /n /i:"!=2c250bf689331b0c " "C:\ProgramData\89331b0d-24f7-1\89331b0d-24f7-1.d" >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo del "C:\ProgramData\89331b0d-24f7-1\x.bat" ^& exit >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & "C:\ProgramData\89331b0d-24f7-1\x.bat""

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by Christopher&Gabriell at 20:04:03 on 2018-10-09
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.3554.1271 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Program Files\IDT\WDM\STacSV64.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Windows\System32\CastSrv.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\WINDOWS\system32\osk.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera_crashreporter.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\Windows.WARP.JITService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
svchost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uLocal Page = %11%\blank.htm
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab
TCP: Interfaces\{982D5C35-5D95-44B3-84D9-0D16030AAD83} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-8-17 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2018-8-16 92536]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2014-9-15 257032]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-9-15 344064]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 APXACC;AppEx Networks Accelerator LWF;C:\WINDOWS\System32\drivers\appexDrv.sys [2018-9-20 228032]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-17 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2012-9-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-11-21 333688]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2018-9-21 2451456]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-17 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-4-28 253960]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R3 ALSysIO;ALSysIO;C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [2018-8-20 46384]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2017-11-17 111112]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2018-8-16 310528]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2018-8-16 58536]
R3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-9-25 60584]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2018-5-11 34944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2012-9-2 79528]
S3 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2012-9-2 26280]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-9-22 21160]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-17 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 hpqcaslwmiex;HP CASL Framework Service;C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-6-4 1031704]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-9-28 650808]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-8-29 6541008]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2018-6-13 253640]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-8-17 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-8-17 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2018-8-16 690832]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.RTMa\RpcAgentSrv.exe [2018-9-14 136192]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-17 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-8-24 41272]
S3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-8-24 43832]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-8-17 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-8-17 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-8-17 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-8-17 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-17 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-8-17 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-17 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-8-17 295424]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: opera.exe: open="C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2018-10-09 08:44:41 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{765F7C9F-1CB4-4B4B-A7B4-9A30AEF02AB2}\mpengine.dll
2018-10-09 07:07:14 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-10-04 07:15:04 -------- d-----w- C:\Program Files (x86)\Ruiware
2018-10-04 07:15:03 -------- d-----w- C:\ProgramData\InstallMate
2018-09-30 05:31:57 -------- d-----w- C:\WINDOWS\SysWow64\wdegbma
2018-09-29 02:10:59 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2018-09-28 04:42:44 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\CEF
2018-09-28 04:42:24 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\Facebook
2018-09-25 06:22:32 -------- d-----w- C:\WINDOWS\Panther
2018-09-22 17:04:38 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\Cyberlink
2018-09-20 10:13:39 1821184 ----a-w- C:\WINDOWS\System32\IDTNC64.cpl
2018-09-20 10:12:31 542208 ----a-w- C:\WINDOWS\System32\drivers\stwrt64.sys
2018-09-20 10:12:30 499200 ----a-w- C:\WINDOWS\System32\stcplx64.dll
2018-09-20 10:12:29 671744 ------w- C:\WINDOWS\System32\stapi64.dll
2018-09-20 10:12:29 255488 ----a-w- C:\WINDOWS\System32\st646425.dll
2018-09-20 10:12:29 2188800 ----a-w- C:\WINDOWS\System32\stapo64.dll
2018-09-20 10:12:14 -------- d-----w- C:\Program Files\IDT
2018-09-20 08:42:02 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\AppEx Networks
2018-09-20 08:37:15 228032 ----a-w- C:\WINDOWS\System32\drivers\appexDrv.sys
2018-09-20 08:37:14 -------- d-----w- C:\Program Files\AMD Quick Stream
2018-09-20 08:37:09 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2018-09-20 08:37:09 -------- d-----w- C:\Program Files (x86)\AMD AVT
2018-09-20 08:35:42 -------- d-----w- C:\Program Files\ATI Technologies
2018-09-20 08:23:04 -------- d-----w- C:\AMD
2018-09-14 10:29:33 -------- d-----w- C:\T32768
2018-09-14 09:13:17 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Roaming\AMD
2018-09-14 08:39:12 -------- d-----w- C:\ProgramData\Package Cache
2018-09-14 08:38:25 -------- d-----w- C:\Program Files\SiSoftware
2018-09-12 09:46:59 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
.
==================== Find3M ====================
.
2018-10-06 07:18:38 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
2018-09-25 06:33:29 60584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-09-25 06:33:28 46184 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-09-25 06:33:28 352424 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-09-04 23:04:15 835144 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-09-04 23:04:15 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-08-31 07:46:43 542504 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-08-31 07:45:55 348328 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-08-31 07:43:10 1524152 ----a-w- C:\WINDOWS\System32\msctf.dll
2018-08-31 07:42:49 1636232 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-08-31 07:27:25 56320 ----a-w- C:\WINDOWS\System32\mf3216.dll
2018-08-31 07:27:10 178176 ----a-w- C:\WINDOWS\System32\t2embed.dll
2018-08-31 07:26:21 101888 ----a-w- C:\WINDOWS\System32\drivers\bowser.sys
2018-08-31 07:25:18 270336 ----a-w- C:\WINDOWS\System32\spp.dll
2018-08-31 07:25:12 266752 ----a-w- C:\WINDOWS\System32\rstrui.exe
2018-08-31 07:24:35 482304 ----a-w- C:\WINDOWS\System32\srcore.dll
2018-08-31 07:24:33 1127936 ----a-w- C:\WINDOWS\System32\nettrace.dll
2018-08-31 07:23:48 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-08-31 07:23:34 765440 ----a-w- C:\WINDOWS\System32\tdh.dll
2018-08-31 07:22:53 1855488 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-08-31 07:22:19 1661440 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2018-08-31 06:55:04 1455960 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-08-31 06:53:26 1327504 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2018-08-31 06:41:56 43008 ----a-w- C:\WINDOWS\SysWow64\mf3216.dll
2018-08-31 06:41:34 138752 ----a-w- C:\WINDOWS\SysWow64\t2embed.dll
2018-08-31 06:40:01 216576 ----a-w- C:\WINDOWS\SysWow64\spp.dll
2018-08-31 06:37:50 622080 ----a-w- C:\WINDOWS\SysWow64\tdh.dll
2018-08-31 06:37:13 1585664 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-08-31 06:36:04 1469952 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2018-08-31 03:50:07 270648 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-08-31 03:50:05 273720 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-08-31 03:44:28 1222440 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-08-31 03:44:27 1030952 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-08-31 03:44:22 76256 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-08-31 03:44:19 1064744 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-08-31 03:44:18 568600 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-08-31 03:44:15 136488 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-08-31 03:43:40 722880 ----a-w- C:\WINDOWS\System32\ci.dll
2018-08-31 03:43:19 2719216 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-08-31 03:28:56 1989496 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-08-31 03:28:50 1514352 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-08-31 03:28:44 6043680 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-08-31 03:28:42 134936 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2018-08-31 03:28:38 6570040 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-08-31 03:28:37 453104 ----a-w- C:\WINDOWS\SysWow64\dpx.dll
2018-08-31 03:28:24 1129728 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-08-31 03:28:20 568568 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-08-31 03:26:44 25847808 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-08-31 03:21:14 22008320 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-08-31 03:18:30 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-08-31 03:17:08 144384 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2018-08-31 03:17:01 20480 ----a-w- C:\WINDOWS\System32\netevent.dll
2018-08-31 03:16:47 6661120 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-08-31 03:16:03 4382720 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-08-31 03:15:44 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-08-31 03:15:40 3392512 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-08-31 03:15:13 7577088 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-08-31 03:15:07 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-08-31 03:15:03 395776 ----a-w- C:\WINDOWS\System32\Search.ProtocolHandler.MAPI2.dll
2018-08-31 03:15:02 75776 ----a-w- C:\WINDOWS\System32\drivers\mpsdrv.sys
2018-08-31 03:14:53 2700288 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2018-08-31 03:14:50 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-08-31 03:14:42 898560 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2018-08-31 03:14:31 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-08-31 03:14:26 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-08-31 03:13:19 402432 ----a-w- C:\WINDOWS\System32\drivers\ks.sys
2018-08-31 03:13:07 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-08-31 03:13:01 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-08-31 03:12:51 736256 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2018-08-31 03:12:36 20480 ----a-w- C:\WINDOWS\SysWow64\netevent.dll
2018-08-31 03:11:38 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll
2018-08-31 03:11:29 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-08-31 03:11:19 1854976 ----a-w- C:\WINDOWS\System32\wevtsvc.dll
2018-08-31 03:11:18 1057792 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe
2018-08-31 03:11:11 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-08-31 03:11:07 406528 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe
2018-08-31 03:10:55 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-08-31 03:10:55 1375744 ----a-w- C:\WINDOWS\System32\usocore.dll
2018-08-31 03:10:49 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-08-31 03:10:45 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-08-31 03:10:42 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2018-08-31 03:10:40 288768 ----a-w- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
2018-08-31 03:10:28 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-08-31 03:10:27 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-08-31 03:10:26 176640 ----a-w- C:\WINDOWS\System32\mssph.dll
2018-08-31 03:09:58 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-08-31 03:09:23 2258944 ----a-w- C:\WINDOWS\SysWow64\mssrch.dll
2018-08-31 03:08:28 619520 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2018-08-31 03:07:32 856064 ----a-w- C:\WINDOWS\SysWow64\SearchIndexer.exe
2018-08-31 03:07:14 735744 ----a-w- C:\WINDOWS\SysWow64\mssvp.dll
2018-08-31 03:06:57 345088 ----a-w- C:\WINDOWS\SysWow64\SearchProtocolHost.exe
2018-08-30 04:44:37 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-08-28 09:27:28 1952768 ----a-w- C:\WINDOWS\NDE2ZDRjZ.exe
2018-08-28 07:17:55 23862784 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-08-28 06:56:08 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-08-28 06:49:46 677376 ----a-w- C:\WINDOWS\System32\HeadTrackerStorage.dll
2018-08-28 06:48:22 1274368 ----a-w- C:\WINDOWS\System32\HoloSI.PCShell.dll
2018-08-28 06:45:57 713216 ----a-w- C:\WINDOWS\System32\SharedRealitySvc.dll
2018-08-28 05:51:14 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-08-18 00:47:08 563832 ------w- C:\WINDOWS\System32\MpSigStub.exe
.
============= FINISH: 20:06:10.54 ===============

Attached Files

attach.txt (11.1 KB)

↧

Slow Internet, OpenLoader Ads, and Google Chrome Homepage Redirects

October 11, 2018, 4:47 pm

≫ Next: Computer is extremely slow and does not connect to WiFi

≪ Previous: Trojan:Win32/Starter.R

Been having problems recently with Openloader ads popping up every few seconds in my bottom right corner

Having problems with slower internet in general

And my google chrome homepage keeps redirecting to this weird webpage involving PDFs

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by willz at 19:42:23 on 2018-10-11
Microsoft Windows 10 Pro 10.0.17134.0.1252.1.1033.18.7851.3532 [GMT -4:00]
.
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\LPlatSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
C:\WINDOWS\system32\LPlatSvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
C:\Program Files (x86)\Avira\Antivirus\sched.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\ProgramData\KMSAutoS\bin\KMSSS.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\WINDOWS\system32\valWbioSyncSvc.exe
C:\WINDOWS\system32\valWBFPolicyService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPNUMLKD.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
c:\windows\system32\sihost.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
C:\PROGRA~1\Lenovo\HOTKEY\DFRCTL.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\willz\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\willz\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
C:\Users\willz\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Users\willz\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\crashpad_handler.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1808.2461.0_x64__8wekyb3d8bbwe\Calculator.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\system32\svchost.exe -k devicesflow -s DevicesFlowUserSvc
c:\windows\system32\svchost.exe -k devicesflow -s DevicePickerUserSvc
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\LPlatSvc.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uDefault_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
uRun: [OneDrive] "C:\Users\willz\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [uTorrent] "C:\Users\willz\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
uRun: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRun: [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe"
uRun: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
mRun: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: FilterAdministratorToken = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9d2b6da9-4e1c-4d69-b0e3-a1acccb21c30} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{bd83ffd0-76de-4659-b900-e86cd64a0637} : DHCPNameServer = 10.1.5.55 10.1.5.51
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb}\6496F637D284A5354554 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb}\679667967796C6C6 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: FilterAdministratorToken = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avdevprot;avdevprot;C:\WINDOWS\System32\drivers\avdevprot.sys [2017-12-4 69656]
R0 avusbflt;avusbflt;C:\WINDOWS\System32\drivers\avusbflt.sys [2017-12-4 38048]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2017-11-28 1455552]
R0 IntelHSWPcc;IntelHSWPcc;C:\WINDOWS\System32\drivers\IntelPcc.sys [2017-11-28 88256]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2018-4-11 304032]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-10 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 avkmgr;avkmgr;C:\WINDOWS\System32\drivers\avkmgr.sys [2017-12-4 44488]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 googledrivefs2506;googledrivefs2506;C:\WINDOWS\System32\drivers\googledrivefs2506.sys [2018-9-5 117616]
R1 googledrivefs2534;googledrivefs2534;C:\WINDOWS\System32\drivers\googledrivefs2534.sys [2018-9-25 119760]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 SMIDriverGen;Synaptics SMI Driver;C:\WINDOWS\System32\drivers\smi.sys [2017-11-28 40176]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2910696]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-3-3 2704872]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-12-4 226000]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-12-4 226000]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-3-29 83768]
R2 avgntflt;avgntflt;C:\WINDOWS\System32\drivers\avgntflt.sys [2017-12-4 179376]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2018-8-17 436848]
R2 AviraOptimizerHost;Avira Optimizer Host;C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2018-3-9 2940584]
R2 AviraPhantomVPN;Avira Phantom VPN;C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2018-8-14 338888]
R2 AviraUpdaterService;Avira Updater Service;C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2018-9-20 102816]
R2 avnetflt;avnetflt;C:\WINDOWS\System32\drivers\avnetflt.sys [2017-12-4 88488]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_95cd1;Connected Devices Platform User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-14 414720]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-12-4 9680472]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-11-23 382456]
R2 KMSEmulator;KMS-host Service;C:\ProgramData\KMSAutoS\bin\KMSSS.exe [2017-12-4 301056]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2017-12-5 119584]
R2 LPlatSvc;Lenovo Platform Service;C:\WINDOWS\System32\LPlatSvc.exe [2017-11-28 711248]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-9-16 6541008]
R2 OneSyncSvc_95cd1;Sync Host_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2017-9-1 333296]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-14 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-10-2 259176]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2017-12-5 135456]
R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2017-12-4 339968]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 valWBFPolicyService;Synaptics FP WBF Policy Service;C:\WINDOWS\System32\valWBFPolicyService.exe [2017-11-28 86544]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization;C:\WINDOWS\System32\valWbioSyncSvc.exe [2017-11-28 56848]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_95cd1;Windows Push Notifications User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthA2DP;Bluetooth Stereo;C:\WINDOWS\System32\drivers\BthA2DP.sys [2018-4-11 198144]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthHFAud;Bluetooth Hands-Free;C:\WINDOWS\System32\drivers\BthHfAud.sys [2018-4-11 48640]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 CM3218x;CM3218x SPB Driver;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
R3 CPLMACPI;Capella Micro CPLMACPI Sensor Filter;C:\WINDOWS\System32\drivers\CPLMACPI.sys [2017-11-28 28136]
R3 DevicePickerUserSvc_95cd1;DevicePicker_95cd1;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
R3 DevicesFlowUserSvc_95cd1;DevicesFlow_95cd1;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-8-14 2291904]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-4 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-4 47672]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\WINDOWS\System32\drivers\e1d64x64.sys [2014-3-14 457496]
R3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2017-11-28 231944]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-10-8 259360]
R3 Microsoft_Bluetooth_AvrcpTransport;Microsoft Bluetooth Avrcp Transport Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-4-11 46592]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNb64;Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2017-10-17 3530176]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_95cd1;Contact Data_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-12-4 51296]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_95cd1;User Data Storage_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_95cd1;User Data Access_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-12-4 895056]
S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-12-4 1148568]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 AppleKmdfFilter;Apple KMDF Filter Driver;C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [2018-4-18 20640]
S3 AppleLowerFilter;Apple Lower Filter Driver;C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2018-4-18 35560]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2018-4-11 127384]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2018-4-11 162712]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2018-4-11 143768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2018-4-11 51288]
S3 BcastDVRUserService_95cd1;GameDVR and Broadcast User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_95cd1;Bluetooth User Support Service_95cd1;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 CaptureService_95cd1;CaptureService_95cd1;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 ETDSMBus;ETDSMBus;C:\WINDOWS\System32\drivers\ETDSMBus.sys [2017-11-28 32848]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_95cd1;MessagingService_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\WINDOWS\System32\drivers\netaapl64.sys [2017-11-28 32352]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 phantomtap;Phantom TAP-Windows Adapter V9;C:\WINDOWS\System32\drivers\phantomtap.sys [2017-10-25 45056]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_95cd1;PrintWorkflow_95cd1;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-10 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-10 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-8-14 4737448]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-12 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-10 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-14 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-10 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-5-19 826776]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2018-4-11 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2018-4-11 1189376]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-10-08 23:10:21 259360 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-09-26 07:08:52 215328 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2018-09-26 07:08:50 474432 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2018-09-26 07:08:50 29976 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2018-09-25 23:06:05 119760 ----a-w- C:\WINDOWS\System32\drivers\googledrivefs2534.sys
2018-09-16 23:27:10 -------- d-----w- C:\Users\willz\AppData\Local\mbam
2018-09-16 23:26:33 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-09-16 23:26:26 -------- d-----w- C:\ProgramData\Malwarebytes
2018-09-16 23:26:26 -------- d-----w- C:\Program Files\Malwarebytes
2018-09-12 22:11:59 -------- d-----w- C:\Program Files (x86)\Microsoft OneDrive
.
==================== Find3M ====================
.
2018-10-10 03:06:44 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-02 20:13:10 835152 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-10-02 20:13:10 179792 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-09-21 09:23:39 257848 ----a-w- C:\WINDOWS\System32\AppVFileSystemMetadata.dll
2018-09-21 09:01:45 171520 ----a-w- C:\WINDOWS\System32\itss.dll
2018-09-21 08:12:50 150016 ----a-w- C:\WINDOWS\SysWow64\itss.dll
2018-09-21 04:14:11 661056 ----a-w- C:\WINDOWS\SysWow64\evr.dll
2018-09-21 04:13:06 480568 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-09-21 04:12:09 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-09-21 04:11:36 753056 ----a-w- C:\WINDOWS\System32\evr.dll
2018-09-21 04:09:49 1062920 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-09-21 04:09:45 4790160 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2018-09-21 04:09:23 1427968 ----a-w- C:\WINDOWS\SysWow64\AppxPackaging.dll
2018-09-21 04:09:18 129088 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2018-09-21 04:08:40 709936 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-09-21 04:08:37 170808 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-09-21 04:08:19 4404720 ----a-w- C:\WINDOWS\System32\mfcore.dll
2018-09-21 04:08:15 1566720 ----a-w- C:\WINDOWS\System32\AppxPackaging.dll
2018-09-21 04:08:11 1140672 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-09-21 04:08:09 1257864 ----a-w- C:\WINDOWS\System32\winload.exe
2018-09-21 04:08:07 1456720 ----a-w- C:\WINDOWS\System32\winload.efi
2018-09-21 04:08:06 261008 ----a-w- C:\WINDOWS\System32\mfps.dll
2018-09-21 04:08:00 982600 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-09-21 04:07:51 604664 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-09-21 03:58:23 5307392 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2018-09-21 03:57:26 2900992 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2018-09-21 03:57:00 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-09-21 03:56:11 331264 ----a-w- C:\WINDOWS\SysWow64\edgeIso.dll
2018-09-21 03:54:30 251904 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2018-09-21 03:53:32 1006080 ----a-w- C:\WINDOWS\SysWow64\wpnapps.dll
2018-09-21 03:43:38 1627136 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2018-09-21 03:42:00 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-09-21 03:41:32 3396096 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-09-21 03:40:03 2368000 ----a-w- C:\WINDOWS\System32\WebRuntimeManager.dll
2018-09-21 03:39:56 625152 ----a-w- C:\WINDOWS\System32\PsmServiceExtHost.dll
2018-09-21 03:39:42 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-09-21 03:39:13 1535488 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2018-09-21 03:39:12 3320320 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2018-09-21 03:38:30 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-09-21 03:38:14 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-09-21 03:37:34 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-09-21 03:37:09 1211904 ----a-w- C:\WINDOWS\System32\wpnapps.dll
2018-09-21 03:37:07 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-09-21 03:36:59 401920 ----a-w- C:\WINDOWS\System32\rascustom.dll
2018-09-21 03:36:52 1034240 ----a-w- C:\WINDOWS\System32\modernexecserver.dll
2018-09-21 03:36:38 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2018-09-21 03:36:33 505344 ----a-w- C:\WINDOWS\System32\edgeIso.dll
2018-09-20 09:40:54 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-09-20 09:37:39 1634944 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-09-20 09:23:59 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-09-20 09:19:32 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-09-20 09:18:29 327168 ----a-w- C:\WINDOWS\System32\rdpinit.exe
2018-09-20 09:18:20 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-09-20 09:17:56 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-09-20 09:17:55 2874368 ----a-w- C:\WINDOWS\System32\themeui.dll
2018-09-20 09:17:54 1856000 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-09-20 09:17:19 463872 ----a-w- C:\WINDOWS\System32\rdpshell.exe
2018-09-20 09:16:55 127488 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2018-09-20 08:46:11 1454440 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-09-20 08:35:00 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-09-20 08:29:51 2891776 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-09-20 08:29:45 1586176 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-09-20 08:29:35 2824704 ----a-w- C:\WINDOWS\SysWow64\themeui.dll
2018-09-20 08:28:18 102400 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2018-09-20 06:43:22 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-09-20 05:52:58 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-09-20 04:29:23 1989232 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-09-20 04:29:04 6039368 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-09-20 04:29:04 1513032 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-09-20 04:29:02 357056 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2018-09-20 04:29:01 6569856 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-09-20 04:28:57 1129544 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-09-20 04:28:41 581792 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-09-20 04:28:30 567256 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-09-20 04:21:37 22013440 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-09-20 04:17:07 6661632 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-09-20 04:13:48 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-09-20 04:12:39 269128 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-09-20 04:12:38 272200 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-09-20 04:11:43 74240 ----a-w- C:\WINDOWS\SysWow64\dtdump.exe
2018-09-20 04:11:37 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-09-20 04:11:24 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-09-20 04:11:19 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-09-20 04:11:03 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-09-20 04:10:57 1029432 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-09-20 04:10:53 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-09-20 04:10:48 1221128 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-09-20 04:10:44 566800 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-09-20 04:10:44 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-09-20 04:10:31 500536 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2018-09-20 04:10:13 355840 ----a-w- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
2018-09-20 04:10:03 2719032 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-09-20 04:08:52 4191232 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2018-09-20 03:53:35 25851392 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-09-20 03:44:27 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-09-20 03:44:04 8188928 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-09-20 03:43:21 52736 ----a-w- C:\WINDOWS\System32\runexehelper.exe
2018-09-20 03:42:26 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-09-20 03:42:16 99328 ----a-w- C:\WINDOWS\System32\utcutil.dll
2018-09-20 03:42:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
.
============= FINISH: 19:42:43.63 ===============

Attached Files

attach.txt (6.2 KB)

↧

Computer is extremely slow and does not connect to WiFi

October 22, 2018, 5:59 pm

≫ Next: Degraded performance, slow switching between programs, internet browsing

≪ Previous: Slow Internet, OpenLoader Ads, and Google Chrome Homepage Redirects

Hi

My computer is working at a super slow pace. This is especially true when I am trying to work on the internet. It takes atleast 5 minutes to open up any webpage and even then most of the images doesnt get downloaded. Even when I try to open a document or file on my computer it takes a very long time. However my major concern is again - connecting to the internet. I keep seeing the icon that keeps going around in circle but even though I am connected to my wifi I can barely connect to the internet at a reasonable speed. I do not save anything on my laptop and save everything on my external hard drive so it is not that my memory is full or anything.

I would really appreciate any help or insight on why this is happening.

Attaching all the requested details

↧

Degraded performance, slow switching between programs, internet browsing

October 26, 2018, 5:42 am

≫ Next: two basic methods for installing Avast security applications

≪ Previous: Computer is extremely slow and does not connect to WiFi

Hello, thank you in advance for your help. As stated in the title, I am having significant performance issues. I am not sure if it is malware/virus, or something similar, or if it is, at least in part, the age of the machine.

My laptop is more than 5 years old and is running Windows 10. It seems to me that performance has been worse since upgrade to Windows 10.

In any event, your help and direction is greatly appreciated.

Here is the information requested to start the process.

DDS.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.181.2
Run by Dell Inspiron at 8:31:53 on 2018-10-26
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8049.2310 [GMT -4:00]
.
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spybot - Search and Destroy *Disabled/Outdated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
C:\WINDOWS\system32\nvvsvc.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s MSiSCSI
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
C:\Program Files (x86)\Avira\Antivirus\sched.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE
C:\Program Files (x86)\Common Files\EPSON\EBAPI\eEBSVC.exe
C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
C:\WINDOWS\SysWOW64\PnkBstrA.exe
C:\Program Files (x86)\Common Files\BattlEye\BEService.exe
C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe
C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE
C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe
C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe
C:\Program Files\EPSON\EpsonCustomerResearchParticipation\EPCP.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
svchost.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\EscSvc64.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Program Files\Intel\TurboBoost\TurboBoost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k localservice -p -s workfolderssvc
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
c:\windows\system32\sihost.exe
C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.33.41.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Users\Dell Inspiron\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\DellTPad\Apoint.exe
C:\Program Files\Dell\QuickSet\quickset.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Program Files (x86)\iTunes\iTunesHelper.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\DellTPad\ApMsgFwd.exe
C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
C:\Program Files (x86)\EPSON Software\Event Manager\EEventManager.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXRCV.exe
C:\Program Files\DellTPad\Apntex.exe
C:\Program Files\DellTPad\HidFind.exe
C:\Program Files (x86)\EPSON Software\FAX Utility\FUFAXSTM.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\eBay\Turbo Lister2\Tl.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office12\OUTLOOK.EXE
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\Microsoft Office\Office12\WINWORD.EXE
C:\WINDOWS\splwow64.exe
svchost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
BHO: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
BHO: Like: {2159cb25-ef9a-54c1-b43c-e30d1a4a8277} -
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
BHO: Simple: {886bf106-6ebf-4ef4-8676-6663caabbda4} -
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
TB: E-Web Print: {201CF130-E29C-4E5C-A73F-CD197DEFA6AE} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
EB: E-Web Print: {A60C1DC7-64B3-4AD9-8E67-035D11B8B2B0} - C:\Program Files (x86)\Epson Software\E-Web Print\ewps_tb.dll
mRun: [BingDesktop] C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktop.exe /fromkey
mRun: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
mRun: [EEventManager] "C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe"
mRun: [FUFAXRCV] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe"
mRun: [FUFAXSTM] "C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe"
mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {95B5D20C-BD31-4489-8ABF-F8C8BE748463} - hxxp://zone.msn.com/bingame/zpagames/zpa_hrtz.cab99160.cab
DPF: {A4110378-789B-455F-AE86-3A1BFC402853} - hxxp://zone.msn.com/bingame/zpagames/zpa_shvl.cab55579.cab
DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} - hxxp://cdn2.zone.msn.com/binFramework/v10/ZPAFramework.cab102118.cab
DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} - hxxp://content.systemrequirementslab.com.s3.amazonaws.com/global/bin/srldetect_intel_4.5.13.0.cab
TCP: NameServer = 64.233.217.2 64.233.217.3
TCP: Interfaces\{c49f85b0-4b0d-42a0-bce6-d03c89396128} : DHCPNameServer = 64.233.217.2 64.233.217.3
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: SDWinLogon - SDWinLogon.dll
SSODL: WebCheck - <orphaned>
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mSearch Page = about:blank
x64-mDefault_Page_URL = about:blank
x64-mDefault_Search_URL = about:blank
x64-BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [Apoint] C:\Program Files\DellTPad\Apoint.exe
x64-Run: [QuickSet] C:\Program Files\Dell\QuickSet\QuickSet.exe
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 127.0.0.1 www.spywareinfo.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Dell Inspiron\AppData\Roaming\Mozilla\Firefox\Profiles\7gzxff73.default-1488972710950\
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\WINDOWS\System32\Macromed\Flash\NPSWF64_31_0_0_108.dll
.
============= SERVICES / DRIVERS ===============
.
P2 HiPatchService;Hi-Rez Studios Authenticate and Update Service;C:\Program Files (x86)\Hi-Rez Studios\HiPatchService.exe [2017-11-22 9728]
R0 avdevprot;avdevprot;C:\WINDOWS\System32\drivers\avdevprot.sys [2017-6-13 69656]
R0 gfibto;gfibto;C:\WINDOWS\System32\drivers\gfibto.sys [2013-8-22 14456]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-10-27 651832]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\drivers\nvpciflt.sys [2016-9-12 57400]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-11 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 avkmgr;avkmgr;C:\WINDOWS\System32\drivers\avkmgr.sys [2016-5-30 44488]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [2009-5-14 759048]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2016-5-30 248312]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2016-5-30 248312]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-7-5 83768]
R2 avgntflt;avgntflt;C:\WINDOWS\System32\drivers\avgntflt.sys [2016-5-30 179376]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2018-10-9 431688]
R2 AviraOptimizerHost;Avira Optimizer Host;C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2018-2-27 2940584]
R2 AviraUpdaterService;Avira Updater Service;C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2018-10-11 102816]
R2 avnetflt;avnetflt;C:\WINDOWS\System32\drivers\avnetflt.sys [2016-5-30 88488]
R2 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2014-12-25 448384]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_8a63c;Connected Devices Platform User Service_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-14 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 EPSON_EB_RPCV4_04;EPSON V5 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50STB.EXE [2013-7-2 168448]
R2 EPSON_PM_RPCV4_04;EPSON V3 Service4(04);C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S50RPB.EXE [2013-7-2 131072]
R2 EpsonCustomerResearchParticipation;EpsonCustomerResearchParticipation;C:\Program Files\Epson\EpsonCustomerResearchParticipation\EPCP.exe [2016-8-2 674768]
R2 EpsonScanSvc;Epson Scanner Service;C:\WINDOWS\System32\escsvc64.exe [2013-7-6 144560]
R2 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2013-6-14 169752]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek USB 2.0 Card Reader\RIconMan.exe [2013-6-15 2451456]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-5-3 337888]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2014-1-30 1631008]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [2013-9-19 21055432]
R2 OneSyncSvc_8a63c;Sync Host_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 osrss;Windows 10 Update Facilitation Service;C:\WINDOWS\System32\svchost.exe -k osrss [2018-4-11 51288]
R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2018-9-22 3943664]
R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-9-22 233712]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-14 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 TeamViewer9;TeamViewer 9;C:\Program Files (x86)\TeamViewer\Version9\TeamViewer_Service.exe [2014-1-17 5341536]
R2 TrueKeyServiceHelper;Intel Security True Key Helper Service;C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-7-4 87760]
R2 TurboB;Turbo Boost UI Monitor driver;C:\WINDOWS\System32\drivers\TurboB.sys [2012-5-30 16168]
R2 TurboBoost;Intel(R) Turbo Boost Technology Monitor 2.6;C:\Program Files\Intel\TurboBoost\TurboBoost.exe [2012-5-30 149544]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_8a63c;Windows Push Notifications User Service_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 AMPPAL;Intel® Centrino® Wireless Bluetooth® + High Speed Virtual Adapter;C:\WINDOWS\System32\drivers\AmpPal.sys [2012-9-13 162344]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 ibtfltcoex;Intel Corporation;C:\WINDOWS\System32\drivers\ibtfltcoex.sys [2015-7-1 79632]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2013-5-7 442368]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-1 38896]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNe64;___ Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows 8 - 64 Bit;C:\WINDOWS\System32\drivers\NETwew01.sys [2018-4-11 3343872]
R3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-6-5 20256]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2014-6-5 40392]
R3 PimIndexMaintenanceSvc_8a63c;Contact Data_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2015-8-13 896744]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_8a63c;User Data Storage_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_8a63c;User Data Access_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2018-4-11 25088]
S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2016-5-30 891472]
S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2016-5-30 1162120]
S2 AviraPhantomVPN;Avira Phantom VPN;C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2018-3-19 339240]
S2 BingDesktopUpdate;Bing Desktop Update service;C:\Program Files (x86)\Microsoft\BingDesktop\BingDesktopUpdater.exe [2013-6-27 173192]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2015-3-1 1997168]
S2 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2016-5-30 3892256]
S2 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 317408]
S2 TrueKey;Intel Security True Key;C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-7-4 1001920]
S2 TrueKeyScheduler;Intel Security True Key Scheduler;C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-6-26 16928]
S2 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 BcastDVRUserService_8a63c;GameDVR and Broadcast User Service_8a63c;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_8a63c;Bluetooth User Support Service_8a63c;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 DevicePickerUserSvc_8a63c;DevicePicker_8a63c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_8a63c;DevicesFlow_8a63c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2014-1-22 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 gfiark;gfiark;C:\WINDOWS\System32\drivers\gfiark.sys [2013-8-27 41032]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2015-12-1 50160]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.812\McCHSvc.exe [2018-9-27 405392]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_8a63c;MessagingService_8a63c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_8a63c;PrintWorkflow_8a63c;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-11 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-11 945568]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RSUSBVSTOR;RtsUVStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUVStor.sys [2013-6-15 315536]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2014-1-22 166288]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-12 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-11 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-10-5 60584]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1809.2-0\NisSrv.exe [2018-10-5 3847376]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-14 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-11 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-10-20 11:27:59 836608 ----a-w- C:\WINDOWS\System32\win32spl.dll
2018-10-18 02:18:59 -------- d-----w- C:\Users\Dell Inspiron\AppData\Local\IsolatedStorage
2018-10-05 18:21:19 -------- d-----w- C:\ProgramData\McAfee Security Scan
2018-10-05 17:45:59 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E304F0DE-4E26-4534-8583-8A8D6AFC7A44}\mpengine.dll
.
==================== Find3M ====================
.
2018-10-22 08:07:41 559880 ------w- C:\WINDOWS\System32\MpSigStub.exe
2018-10-05 17:44:53 60584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-10-05 17:44:53 46184 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-10-05 17:44:53 352424 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-10-02 20:13:10 835152 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-10-02 20:13:10 179792 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-09-21 09:01:45 171520 ----a-w- C:\WINDOWS\System32\itss.dll
2018-09-21 08:12:50 150016 ----a-w- C:\WINDOWS\SysWow64\itss.dll
2018-09-21 04:14:11 661056 ----a-w- C:\WINDOWS\SysWow64\evr.dll
2018-09-21 04:13:06 480568 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-09-21 04:12:09 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-09-21 04:11:36 753056 ----a-w- C:\WINDOWS\System32\evr.dll
2018-09-21 04:09:49 1062920 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-09-21 04:09:45 4790160 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2018-09-21 04:09:23 1427968 ----a-w- C:\WINDOWS\SysWow64\AppxPackaging.dll
2018-09-21 04:09:18 129088 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2018-09-21 04:08:40 709936 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-09-21 04:08:37 170808 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-09-21 04:08:19 4404720 ----a-w- C:\WINDOWS\System32\mfcore.dll
2018-09-21 04:08:15 1566720 ----a-w- C:\WINDOWS\System32\AppxPackaging.dll
2018-09-21 04:08:11 1140672 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-09-21 04:08:09 1257864 ----a-w- C:\WINDOWS\System32\winload.exe
2018-09-21 04:08:07 1456720 ----a-w- C:\WINDOWS\System32\winload.efi
2018-09-21 04:08:06 261008 ----a-w- C:\WINDOWS\System32\mfps.dll
2018-09-21 04:08:00 982600 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-09-21 04:07:51 604664 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-09-21 03:58:23 5307392 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2018-09-21 03:57:26 2900992 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2018-09-21 03:57:00 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-09-21 03:56:11 331264 ----a-w- C:\WINDOWS\SysWow64\edgeIso.dll
2018-09-21 03:54:30 251904 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2018-09-21 03:53:32 1006080 ----a-w- C:\WINDOWS\SysWow64\wpnapps.dll
2018-09-21 03:43:38 1627136 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2018-09-21 03:42:00 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-09-21 03:41:32 3396096 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-09-21 03:40:03 2368000 ----a-w- C:\WINDOWS\System32\WebRuntimeManager.dll
2018-09-21 03:39:56 625152 ----a-w- C:\WINDOWS\System32\PsmServiceExtHost.dll
2018-09-21 03:39:42 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-09-21 03:39:13 1535488 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2018-09-21 03:39:12 3320320 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2018-09-21 03:38:30 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-09-21 03:38:14 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-09-21 03:37:34 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-09-21 03:37:09 1211904 ----a-w- C:\WINDOWS\System32\wpnapps.dll
2018-09-21 03:37:07 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-09-21 03:36:59 401920 ----a-w- C:\WINDOWS\System32\rascustom.dll
2018-09-21 03:36:52 1034240 ----a-w- C:\WINDOWS\System32\modernexecserver.dll
2018-09-21 03:36:38 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2018-09-21 03:36:33 505344 ----a-w- C:\WINDOWS\System32\edgeIso.dll
2018-09-20 09:40:54 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-09-20 09:37:39 1634944 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-09-20 09:23:59 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-09-20 09:19:32 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-09-20 09:18:20 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-09-20 09:17:56 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-09-20 09:17:55 2874368 ----a-w- C:\WINDOWS\System32\themeui.dll
2018-09-20 09:17:54 1856000 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-09-20 09:16:55 127488 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2018-09-20 08:46:11 1454440 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-09-20 08:35:00 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-09-20 08:29:51 2891776 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-09-20 08:29:45 1586176 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-09-20 08:29:35 2824704 ----a-w- C:\WINDOWS\SysWow64\themeui.dll
2018-09-20 08:28:18 102400 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2018-09-20 06:43:22 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-09-20 05:52:58 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-09-20 04:29:23 1989232 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-09-20 04:29:04 6039368 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-09-20 04:29:04 1513032 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-09-20 04:29:02 357056 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2018-09-20 04:29:01 6569856 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-09-20 04:28:57 1129544 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-09-20 04:28:41 581792 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-09-20 04:28:30 567256 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-09-20 04:21:37 22013440 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-09-20 04:17:07 6661632 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-09-20 04:13:48 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-09-20 04:12:39 269128 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-09-20 04:12:38 272200 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-09-20 04:11:43 74240 ----a-w- C:\WINDOWS\SysWow64\dtdump.exe
2018-09-20 04:11:37 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-09-20 04:11:24 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-09-20 04:11:19 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-09-20 04:11:03 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-09-20 04:10:57 1029432 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-09-20 04:10:53 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-09-20 04:10:48 1221128 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-09-20 04:10:44 566800 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-09-20 04:10:44 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-09-20 04:10:31 500536 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2018-09-20 04:10:13 355840 ----a-w- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
2018-09-20 04:10:03 2719032 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-09-20 04:08:52 4191232 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2018-09-20 03:53:35 25851392 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-09-20 03:44:27 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-09-20 03:44:04 8188928 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-09-20 03:43:21 52736 ----a-w- C:\WINDOWS\System32\runexehelper.exe
2018-09-20 03:42:26 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-09-20 03:42:16 99328 ----a-w- C:\WINDOWS\System32\utcutil.dll
2018-09-20 03:42:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
.
============= FINISH: 8:35:37.10 ===============

I do not have access to a Windows install or boot CD. Please advise next steps. Thank you.

Jeff

Attached Files

attach.txt (22.0 KB)

↧

two basic methods for installing Avast security applications

October 29, 2018, 10:19 am

≫ Next: canot figure out how to move virus/ses off of my laptop PLEASE help!

≪ Previous: Degraded performance, slow switching between programs, internet browsing

There are two basic methods for installing Avast security applications.
1. online installation and CD installation.
2. the online installation is the one that comes recommended from Avast.com/activate or dial +1-800-916-9563.

↧

canot figure out how to move virus/ses off of my laptop PLEASE help!

October 30, 2018, 3:32 pm

≫ Next: Empty "Q" folder with old create date found in Music folder

≪ Previous: two basic methods for installing Avast security applications

Hi, there every time I go on the net a pop up from my Dell windows laptop saying threats found. all go to my windows security center and remove it, then restart my laptop. it will not go away and there appears to be no way to get it off my laptop. this started today a few hours ago. I think it might be from a phone scam claiming to be from the gov and trying to sell me medical insurance so somehow me answering my phone allowed that to mess up my laptop. another way is I go to this website frequently called wireclube and perhaps a hacker or something got on my laptop that way and put a virus on it. how do I remove or delete all these viruses off my system? I have a dell laptop inspiron 3000 series with windows 10 or above

↧

Empty "Q" folder with old create date found in Music folder

October 31, 2018, 12:03 am

≫ Next: Malware Infection

≪ Previous: canot figure out how to move virus/ses off of my laptop PLEASE help!

To preface, I did a clean install of Windows 10 on my SSD today because of two issues that were ongoing:

One: My PC cursor had been lagging very frequently and the Windows clock was also stopping during this lag. My PC also completely froze up and had to be hard-reset a couple of months ago. This issue had been occurring since around July.

Two: My computer monitor would go blank/black and then re-display itself after closing out exiting certain websites. I noticed that it specifically happens with iTunes album webpages. I haven't been able to place what other websites it happens with. This issue has been ongoing for a month.

After doing a clean install of Windows, the cursor/clock lag has went away. However, the monitor resetting issue is still present. I do believe that the backup service Backblaze was causing the cursor/clock lag. I'm unsure of what may be causing the monitor resetting.

Moving forward: I also have an HDD that I use for file storage that I did not reformat during the clean install. After doing the clean install, I was going through some folders of the HDD and I noticed a folder titled "Q" that was in my Music folder. I assumed I may have created a new folder by accident and hit the Q key. However, when I hovered over the folder, it said that the create date was February of 2018. It also said that the folder was empty. I do have "Show hidden files" selected in folder options. I am positive that this "Q" folder has not been in my Music folder since February. I frequently access my Music folder, and I had never seen/noticed this "Q" folder until today. I cannot verify if it was present anytime before the clean install, though, or if it showed up after.

I don't believe that I actually opened the folder, I just sent it to the recycling bin. I went to empty the recycling bin (unfortunately, I can't remember if I did this immediately after deleting the folder or not), and it briefly said that it was deleting ~2,000 files. I was surprised by this because I typically empty my recycle bin frequently and I could have sworn that it was empty before deleting the "Q" folder, but I cannot be 100% sure. I was downloading and installing drivers after the install, so it could have been one of those.

I will be upfront and say that I did have SoulseekQt installed both before and after the clean install. I have removed it after finding the "Q" folder. I also had the program SFV Checker from Traction Software installed briefly after the clean install, but I removed it because a random error popped up in my Notifications right after I opened it. I don't remember what the notification said. However, I believe the error may have been re: Windows resetting the default app for certain image extensions, because I have IrfanView installed as well and I got a handful of those notifications following the initial one.

I haven't noticed anything else suspicious on my PC

Here is the dds.txt file, and the attach.txt file is attached as well:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer:
Run by Admin at 23:37:08 on 2018-10-30
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8143.6933 [GMT -7:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\Windows\system32\svchost.exe -k DcomLaunch -p
C:\Windows\system32\fontdrvhost.exe
C:\Windows\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\Windows\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s gpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WPDBusEnum
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\system32\svchost.exe -k LocalService -p
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Windows\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\Windows\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
svchost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Windows\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\Windows\system32\ctfmon.exe
C:\Windows\system32\userinit.exe
C:\Windows\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Windows\system32\backgroundTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\Windows\system32\AUDIODG.EXE
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{cfb7eac7-02dc-478e-96ab-32ec1545a3d1} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\Windows\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amdpsp;AMD PSP Service;C:\Windows\System32\drivers\amdpsp.sys [2018-7-5 137104]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\Windows\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\Windows\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\Windows\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\Windows\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\Windows\System32\drivers\WindowsTrustedRT.sys [2018-10-30 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\Windows\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\Windows\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\Windows\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\Windows\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\Windows\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\Windows\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\Windows\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 CDPSvc;Connected Devices Platform Service;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_2940c;Connected Devices Platform User Service_2940c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\Windows\System32\drivers\cldflt.sys [2018-10-30 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\Windows\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\Windows\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-10-30 462968]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\Windows\System32\SecurityHealthService.exe [2018-10-30 760888]
R2 storqosflt;Storage QoS Filter Driver;C:\Windows\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 UserManager;User Manager;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\Windows\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_2940c;Windows Push Notifications User Service_2940c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 amdgpio2;AMD GPIO Client Driver;C:\Windows\System32\drivers\amdgpio2.sys [2017-3-1 34696]
R3 amdgpio3;AMD GPIO Client Driver;C:\Windows\System32\drivers\amdgpio3.sys [2016-8-12 33144]
R3 AMDPCIDev;AMD PCI;C:\Windows\System32\drivers\AMDPCIDev.sys [2018-4-25 31592]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\Windows\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 camsvc;Capability Access Manager Service;C:\Windows\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 lfsvc;Geolocation Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\Windows\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\Windows\System32\drivers\rt640x64.sys [2018-10-30 1139424]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\Windows\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\Windows\System32\drivers\wd\WdNisDrv.sys [2018-10-30 60408]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe [2018-10-30 3917016]
S2 DoSvc;Delivery Optimization;C:\Windows\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\Windows\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 OneSyncSvc_2940c;Sync Host_2940c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S2 SgrmBroker;System Guard Runtime Monitor Broker;C:\Windows\System32\SgrmBroker.exe [2018-4-11 163336]
S2 UsoSvc;Update Orchestrator Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\Windows\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\Windows\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 amdkmcsp;AMD Kernel Mode CSP Service;C:\Windows\System32\drivers\amdkmcsp.sys [2017-6-12 101232]
S3 applockerfltr;Smartlocker Filter Driver;C:\Windows\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\Windows\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 BcastDVRUserService_2940c;GameDVR and Broadcast User Service_2940c;C:\Windows\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\Windows\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\Windows\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_2940c;Bluetooth User Support Service_2940c;C:\Windows\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\Windows\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\Windows\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CAD;Charge Arbitration Driver;C:\Windows\System32\drivers\CAD.sys [2018-4-11 60320]
S3 CapImg;HID driver for CapImg touch screen;C:\Windows\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\Windows\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\Windows\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\Windows\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevicePickerUserSvc_2940c;DevicePicker_2940c;C:\Windows\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_2940c;DevicesFlow_2940c;C:\Windows\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\Windows\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-10-30 90624]
S3 diagsvc;Diagnostic Execution Service;C:\Windows\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\Windows\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\Windows\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\Windows\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\Windows\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\Windows\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\Windows\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\Windows\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\Windows\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\Windows\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\Windows\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\Windows\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\Windows\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\Windows\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\Windows\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\Windows\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\Windows\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LicenseManager;Windows License Manager Service;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 LSI_SAS2i;LSI_SAS2i;C:\Windows\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\Windows\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\Windows\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\Windows\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\Windows\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\Windows\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\Windows\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_2940c;MessagingService_2940c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\Windows\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\Windows\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\Windows\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\Windows\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\Windows\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\Windows\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\Windows\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PimIndexMaintenanceSvc_2940c;Contact Data_2940c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\Windows\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_2940c;PrintWorkflow_2940c;C:\Windows\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\Windows\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\Windows\System32\drivers\refs.sys [2018-10-30 1921944]
S3 ReFSv1;ReFSv1;C:\Windows\System32\drivers\refsv1.sys [2018-10-30 945568]
S3 RetailDemo;Retail Demo Service;C:\Windows\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\Windows\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\Windows\System32\drivers\scmbus.sys [2018-10-30 128920]
S3 SDFRd;SDF Reflector;C:\Windows\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\Windows\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\Windows\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\Windows\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\Windows\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\Windows\System32\Spectrum.exe [2018-6-19 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\Windows\System32\drivers\stornvme.sys [2018-6-19 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\Windows\System32\drivers\storufs.sys [2018-10-30 48544]
S3 TieringEngineService;Storage Tiers Management;C:\Windows\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\Windows\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\Windows\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\Windows\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\Windows\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\Windows\System32\drivers\uefi.sys [2018-6-19 29600]
S3 Ufx01000;USB Function Class Extension;C:\Windows\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\Windows\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\Windows\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UnistoreSvc_2940c;User Data Storage_2940c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\Windows\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\Windows\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\Windows\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 UserDataSvc_2940c;User Data Access_2940c;C:\Windows\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 VacSvc;Volumetric Audio Compositor Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\Windows\System32\drivers\vhf.sys [2018-10-30 36352]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\Windows\System32\drivers\vmgid.sys [2018-10-30 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\Windows\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\Windows\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\Windows\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\Windows\System32\drivers\WdiWiFi.sys [2018-10-30 787456]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\Windows\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\Windows\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\Windows\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\Windows\System32\drivers\winnat.sys [2018-10-30 228864]
S3 WinVerbs;WinVerbs Service;C:\Windows\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\Windows\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\Windows\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\Windows\System32\drivers\xboxgip.sys [2018-10-30 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\Windows\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\Windows\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\Windows\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\Windows\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\Windows\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\Windows\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-10-31 03:49:23 -------- d-----w- C:\Users\Admin\AppData\Local\SoulseekQt
2018-10-31 03:49:16 14700800 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5A88726F-C4DC-4A46-B380-EC6C85FF68D4}\mpengine.dll
2018-10-31 03:24:42 -------- d-----w- C:\Users\Admin\AppData\Roaming\Mp3tag
2018-10-31 03:21:07 -------- d-----w- C:\Program Files (x86)\Traction Software
2018-10-31 03:20:42 212992 ----a-w- C:\Program Files (x86)\Common Files\InstallShield\engine\6\Intel 32\ILog.dll
2018-10-31 03:17:09 -------- d-----w- C:\Program Files (x86)\Mp3tag
2018-10-31 03:15:22 -------- d-----w- C:\Users\Admin\AppData\Roaming\IrfanView
2018-10-31 03:15:22 -------- d-----w- C:\Program Files\IrfanView
2018-10-31 03:10:59 -------- d-----w- C:\Users\Admin\AppData\Local\Programs
2018-10-31 02:53:42 -------- d-----w- C:\Users\Admin\AppData\Roaming\GoldWave
2018-10-31 02:53:38 -------- d-----w- C:\Program Files\GoldWave
2018-10-31 00:53:43 -------- d-----w- C:\Users\Admin\AppData\Roaming\foobar2000
2018-10-31 00:53:39 -------- d-----w- C:\Program Files (x86)\foobar2000
2018-10-31 00:52:10 -------- d-----w- C:\Program Files\AlbumArtDownloader
2018-10-31 00:45:15 1139424 ----a-w- C:\Windows\System32\drivers\rt640x64.sys
2018-10-31 00:43:04 -------- d-----w- C:\Windows\System32\RTCOM
2018-10-31 00:20:45 -------- d-----w- C:\Program Files (x86)\AMD
2018-10-31 00:20:38 -------- d-----w- C:\ProgramData\Package Cache
2018-10-31 00:18:23 -------- d-----w- C:\Users\Admin\AppData\Local\RadeonInstaller
2018-10-31 00:18:21 -------- d-----w- C:\Program Files\AMD
2018-10-30 23:42:42 778936 ----a-w- C:\Windows\SysWow64\PresentationNative_v0300.dll
2018-10-30 23:42:42 35456 ----a-w- C:\Windows\SysWow64\TsWpfWrp.exe
2018-10-30 23:42:42 103120 ----a-w- C:\Windows\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2018-10-30 23:42:39 35456 ----a-w- C:\Windows\System32\TsWpfWrp.exe
2018-10-30 23:42:39 124624 ----a-w- C:\Windows\System32\PresentationCFFRasterizerNative_v0300.dll
2018-10-30 23:42:39 1166520 ----a-w- C:\Windows\System32\PresentationNative_v0300.dll
2018-10-30 23:19:36 -------- d-----w- C:\Users\Admin\AppData\Local\Google
2018-10-30 23:07:03 -------- d-----w- C:\Windows\Panther
2018-10-30 22:53:37 -------- d-----w- C:\Users\Admin\AppData\Local\DBG
2018-10-30 22:40:39 -------- d-----w- C:\ProgramData\Packages
2018-10-30 22:37:57 50688 ----a-w- C:\Windows\System32\wcimage.dll
2018-10-30 22:36:42 -------- d-----w- C:\Windows\System32\MRT
2018-10-30 22:33:09 1476904 ----a-w- C:\Windows\System32\mcupdate_GenuineIntel.dll
2018-10-30 22:26:09 -------- d-----r- C:\Users\Admin\OneDrive
2018-10-30 22:25:47 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2018-10-30 22:25:46 -------- d-----w- C:\Users\Admin\AppData\Local\PlaceholderTileLogoFolder
2018-10-30 22:24:41 -------- d--h--w- C:\Users\Admin\MicrosoftEdgeBackups
2018-10-30 22:24:34 -------- d-----w- C:\Users\Admin\AppData\Local\MicrosoftEdge
2018-10-30 22:24:31 -------- d-----w- C:\Users\Admin\AppData\Local\Publishers
2018-10-30 22:24:28 -------- d-----w- C:\Users\Admin\AppData\Local\VirtualStore
2018-10-30 22:24:28 -------- d-----w- C:\Users\Admin\AppData\Local\Packages
2018-10-30 22:24:28 -------- d-----r- C:\Users\Admin\Searches
2018-10-30 22:24:28 -------- d-----r- C:\Users\Admin\Contacts
2018-10-30 22:24:28 -------- d-----r- C:\Users\Admin\3D Objects
2018-10-30 22:24:27 -------- d-----w- C:\Users\Admin\AppData\Local\ConnectedDevicesPlatform
2018-10-30 22:21:07 -------- d-----w- C:\Windows\System32\wbem\Performance
2018-10-30 22:19:08 -------- d-----w- C:\ProgramData\USOShared
2018-10-30 22:17:39 2752000 ----a-w- C:\Windows\SysWow64\PrintConfig.dll
2018-10-30 22:17:03 -------- d-----w- C:\Windows\System32\wbem\MOF\good
2018-10-30 22:17:03 -------- d-----w- C:\Windows\System32\wbem\MOF\bad
2018-10-30 22:17:02 -------- d-sh--we C:\ProgramData\Documents
2018-10-30 22:17:02 -------- d-sh--we C:\Documents and Settings
2018-10-30 22:13:38 -------- d-sh--w- C:\Recovery
2018-10-30 22:12:49 -------- d-----w- C:\Windows\System32\wbem\MOF
2018-10-30 22:12:49 -------- d-----w- C:\Windows\System32\drivers\wd
2018-10-30 22:12:40 -------- d-s---w- C:\Windows\System32\Microsoft
2018-10-30 22:12:40 -------- d-----w- C:\Windows\System32\SleepStudy
2018-10-30 22:12:40 -------- d-----w- C:\Windows\ServiceProfiles
.
==================== Find3M ====================
.
2018-10-30 22:41:35 60408 ----a-w- C:\Windows\System32\drivers\wd\WdNisDrv.sys
2018-10-30 22:41:35 46184 ----a-w- C:\Windows\System32\drivers\wd\WdBoot.sys
2018-10-30 22:41:35 328696 ----a-w- C:\Windows\System32\drivers\wd\WdFilter.sys
2018-10-30 22:32:55 559880 ------w- C:\Windows\System32\MpSigStub.exe
2018-10-21 13:00:32 1516120 ----a-w- C:\Windows\System32\msctf.dll
2018-10-21 13:00:31 790416 ----a-w- C:\Windows\System32\fontdrvhost.exe
2018-10-21 13:00:23 396304 ----a-w- C:\Windows\System32\atmfd.dll
2018-10-21 13:00:18 1639560 ----a-w- C:\Windows\System32\user32.dll
2018-10-21 12:59:51 766480 ----a-w- C:\Windows\System32\LicensingWinRT.dll
2018-10-21 12:59:43 236728 ----a-w- C:\Windows\System32\EditionUpgradeManagerObj.dll
2018-10-21 12:46:50 64000 ----a-w- C:\Windows\System32\iemigplugin.dll
2018-10-21 12:46:11 4393472 ----a-w- C:\Windows\System32\SettingsHandlers_nt.dll
2018-10-21 12:45:43 123392 ----a-w- C:\Windows\System32\fontsub.dll
2018-10-21 12:44:40 85504 ----a-w- C:\Windows\System32\INETRES.dll
2018-10-21 12:44:02 623104 ----a-w- C:\Windows\System32\osk.exe
2018-10-21 12:43:46 182784 ----a-w- C:\Windows\System32\LanguageComponentsInstaller.dll
2018-10-21 12:43:27 276992 ----a-w- C:\Windows\System32\wisp.dll
2018-10-21 12:43:17 345600 ----a-w- C:\Windows\System32\AcGenral.dll
2018-10-21 12:42:54 1121792 ----a-w- C:\Windows\System32\TSWorkspace.dll
2018-10-21 12:42:41 1127936 ----a-w- C:\Windows\System32\nettrace.dll
2018-10-21 12:42:28 181248 ----a-w- C:\Windows\System32\EditionUpgradeHelper.dll
2018-10-21 12:42:11 765440 ----a-w- C:\Windows\System32\tdh.dll
2018-10-21 12:42:05 592896 ----a-w- C:\Windows\System32\UserLanguagesCpl.dll
2018-10-21 12:41:58 3649024 ----a-w- C:\Windows\System32\win32kfull.sys
2018-10-21 12:41:39 1180672 ----a-w- C:\Windows\System32\localspl.dll
2018-10-21 12:41:26 1364992 ----a-w- C:\Windows\System32\bcastdvruserservice.dll
2018-10-21 11:38:53 660480 ----a-w- C:\Windows\SysWow64\LicensingWinRT.dll
2018-10-21 11:38:51 221216 ----a-w- C:\Windows\SysWow64\EditionUpgradeManagerObj.dll
2018-10-21 11:38:44 662312 ----a-w- C:\Windows\SysWow64\fontdrvhost.exe
2018-10-21 11:38:32 1322376 ----a-w- C:\Windows\SysWow64\msctf.dll
2018-10-21 11:37:42 1626656 ----a-w- C:\Windows\SysWow64\user32.dll
2018-10-21 11:28:17 84992 ----a-w- C:\Windows\SysWow64\INETRES.dll
2018-10-21 11:23:57 622080 ----a-w- C:\Windows\SysWow64\tdh.dll
2018-10-21 11:23:49 2892288 ----a-w- C:\Windows\SysWow64\win32kfull.sys
2018-10-21 11:23:40 523264 ----a-w- C:\Windows\SysWow64\UserLanguagesCpl.dll
2018-10-21 11:22:14 224256 ----a-w- C:\Windows\SysWow64\wisp.dll
2018-10-21 11:22:09 2405888 ----a-w- C:\Windows\SysWow64\AcGenral.dll
2018-10-21 09:29:22 1008640 ----a-w- C:\Windows\System32\Windows.Media.MixedRealityCapture.dll
2018-10-21 08:44:20 868864 ----a-w- C:\Windows\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-10-21 07:54:06 1035240 ----a-w- C:\Windows\System32\ApplyTrustOffline.exe
2018-10-21 07:53:32 272200 ----a-w- C:\Windows\System32\SgrmEnclave.dll
2018-10-21 07:53:32 269128 ----a-w- C:\Windows\System32\SgrmEnclave_secure.dll
2018-10-21 07:48:21 5602456 ----a-w- C:\Windows\System32\StartTileData.dll
2018-10-21 07:47:58 1221128 ----a-w- C:\Windows\System32\hvix64.exe
2018-10-21 07:47:56 566776 ----a-w- C:\Windows\System32\tcblaunch.exe
2018-10-21 07:47:51 76304 ----a-w- C:\Windows\System32\drivers\hvservice.sys
2018-10-21 07:47:48 1029432 ----a-w- C:\Windows\System32\hvax64.exe
2018-10-21 07:47:47 1062712 ----a-w- C:\Windows\System32\SecConfig.efi
2018-10-21 07:47:45 135208 ----a-w- C:\Windows\System32\hvloader.dll
2018-10-21 07:47:14 368440 ----a-w- C:\Windows\System32\thumbcache.dll
2018-10-21 07:46:59 497864 ----a-w- C:\Windows\System32\Windows.Devices.Enumeration.dll
2018-10-21 07:46:42 611640 ----a-w- C:\Windows\System32\drivers\spaceport.sys
2018-10-21 07:46:40 717112 ----a-w- C:\Windows\System32\SettingsHandlers_StorageSense.dll
2018-10-21 07:46:33 709936 ----a-w- C:\Windows\System32\drivers\cng.sys
2018-10-21 07:46:28 171024 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-10-21 07:46:20 7432136 ----a-w- C:\Windows\System32\windows.storage.dll
2018-10-21 07:46:20 560136 ----a-w- C:\Windows\System32\drivers\storport.sys
2018-10-21 07:46:12 7519896 ----a-w- C:\Windows\System32\Windows.Media.Protection.PlayReady.dll
2018-10-21 07:46:07 9089544 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-10-21 07:46:06 2824712 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2018-10-21 07:46:00 413200 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2018-10-21 07:30:11 25855488 ----a-w- C:\Windows\System32\edgehtml.dll
2018-10-21 07:28:11 16592384 ----a-w- C:\Windows\System32\Windows.UI.Xaml.dll
2018-10-21 07:22:53 4384768 ----a-w- C:\Windows\System32\EdgeContent.dll
2018-10-21 07:22:19 8189440 ----a-w- C:\Windows\System32\Windows.Data.Pdf.dll
2018-10-21 07:22:06 4710912 ----a-w- C:\Windows\System32\cdp.dll
2018-10-21 07:21:26 1589248 ----a-w- C:\Windows\System32\Windows.Globalization.dll
2018-10-21 07:21:14 123424 ----a-w- C:\Windows\SysWow64\sspicli.dll
2018-10-21 07:21:01 3392512 ----a-w- C:\Windows\System32\tquery.dll
2018-10-21 07:20:48 3397120 ----a-w- C:\Windows\System32\AppXDeploymentServer.dll
2018-10-21 07:20:27 424000 ----a-w- C:\Windows\SysWow64\Windows.Devices.Enumeration.dll
2018-10-21 07:20:27 295224 ----a-w- C:\Windows\SysWow64\thumbcache.dll
2018-10-21 07:20:14 161792 ----a-w- C:\Windows\System32\spacebridge.dll
2018-10-21 07:20:02 141312 ----a-w- C:\Windows\System32\DataStoreCacheDumpTool.exe
2018-10-21 07:18:54 395264 ----a-w- C:\Windows\System32\BthAvctpSvc.dll
2018-10-21 07:18:54 130048 ----a-w- C:\Windows\System32\officecsp.dll
2018-10-21 07:18:50 107520 ----a-w- C:\Windows\System32\dab.dll
2018-10-21 07:18:45 395776 ----a-w- C:\Windows\System32\Search.ProtocolHandler.MAPI2.dll
2018-10-21 07:18:43 894464 ----a-w- C:\Windows\System32\webplatstorageserver.dll
2018-10-21 07:18:36 274432 ----a-w- C:\Windows\System32\DAFWSD.dll
2018-10-21 07:18:27 275456 ----a-w- C:\Windows\System32\scecli.dll
2018-10-21 07:18:26 273408 ----a-w- C:\Windows\System32\ubpm.dll
2018-10-21 07:18:22 761344 ----a-w- C:\Windows\System32\nshwfp.dll
2018-10-21 07:18:21 154112 ----a-w- C:\Windows\System32\Chakradiag.dll
2018-10-21 07:18:12 461824 ----a-w- C:\Windows\System32\Windows.Data.Activities.dll
2018-10-21 07:18:11 2738688 ----a-w- C:\Windows\System32\mssrch.dll
2018-10-21 07:18:06 30720 ----a-w- C:\Windows\System32\seclogon.dll
2018-10-21 07:17:55 473600 ----a-w- C:\Windows\System32\schannel.dll
2018-10-21 07:17:40 764416 ----a-w- C:\Windows\System32\drivers\UMDF\NfcCx.dll
2018-10-21 07:17:38 787456 ----a-w- C:\Windows\System32\drivers\WdiWiFi.sys
2018-10-21 07:17:38 7577088 ----a-w- C:\Windows\System32\Chakra.dll
2018-10-21 07:17:38 311296 ----a-w- C:\Windows\System32\BthAvrcp.dll
2018-10-21 07:17:35 2172928 ----a-w- C:\Windows\System32\AppXDeploymentExtensions.onecore.dll
2018-10-21 07:17:25 625152 ----a-w- C:\Windows\System32\PsmServiceExtHost.dll
2018-10-21 07:17:19 1826816 ----a-w- C:\Windows\System32\Windows.CloudStore.dll
2018-10-21 07:17:13 1668096 ----a-w- C:\Windows\System32\cdprt.dll
2018-10-21 07:17:02 271872 ----a-w- C:\Windows\System32\dafBth.dll
2018-10-21 07:16:45 514048 ----a-w- C:\Windows\System32\BTAGService.dll
2018-10-21 07:16:32 2368512 ----a-w- C:\Windows\System32\WebRuntimeManager.dll
2018-10-21 07:16:25 2584576 ----a-w- C:\Windows\System32\wlansvc.dll
.
============= FINISH: 23:37:27.71 ===============

Attached Files

attach.txt (4.8 KB)

↧

Malware Infection

November 2, 2018, 7:29 am

≫ Next: Super slow boot, slow everything

≪ Previous: Empty "Q" folder with old create date found in Music folder

Hello,

I received an email from AT&T (my high-speed internet provider) that I have an infected computer. The email stated:

AT&T has received information indicating that one or more devices using your Internet connection may be infected with malicious software. Internet traffic consistent with a malware infection (generic) was observed on Oct 23, 2018 at 10:10 PM CDT from the IP address 162.199.237.136. Our records indicate that this IP address was assigned to you at this time.

This was only about three weeks after "upgrading" our internet to faster speeds and a new router. My PC has been running noticeably slower lately. I do not have access to a windows install disc.

Thank you SO much for your help!
Jenny

Here is my dds.txt:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.18838 BrowserJavaVersion: 11.191.2
Run by Cliffside at 9:58:41 on 2018-11-02
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.4003.1913 [GMT -4:00]
.
AV: McAfee VirusScan *Enabled/Updated* {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Enabled/Updated* {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall *Enabled* {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\System32\svchost.exe -k NetworkService
C:\Program Files (x86)\Adobe\Photoshop Elements 6.0\PhotoshopElementsFileAgent.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Hewlett-Packard\HP Odometer\hpsysdrv.exe
C:\Windows\SysWOW64\CTsvcCDA.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
C:\Users\Cliffside\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
C:\Program Files (x86)\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
C:\Program Files (x86)\Brownie\BrStsW64.exe
C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Online Games Manager\ogmservice.exe
C:\Program Files (x86)\Brownie\Brnipmon.exe
C:\Windows\system32\mfevtps.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\Program Files\Common Files\Intel Security\PEF\CORE\PEFService.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Users\Cliffside\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Users\Cliffside\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McSACore.exe
C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\saUI.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Common Files\McAfee\CSP\2.6.319.0\McCSPServiceHost.exe
C:\Program Files (x86)\Coupons\CouponPrinterService.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\McAfee\SiteAdvisor\McChHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = about:blank
mStart Page = about:blank
uURLSearchHooks: McAfee SiteAdvisor Toolbar: {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
mWinlogon: Userinit = userinit.exe,
BHO: BlspcHlpr Class: {15C9938F-CB96-496D-800A-B827F2E34EA1} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll
BHO: McAfee WebAdvisor: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [Uploader] C:\Program Files (x86)\Seagate\Seagate Dashboard 2.0\Seagate.Dashboard.Uploader.exe
uRun: [] C:\Program Files (x86)\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe Run
uRun: [Google Update] C:\Users\Cliffside\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
uRun: [Dropbox Update] "C:\Users\Cliffside\AppData\Local\Dropbox\Update\DropboxUpdate.exe" /c
uRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
uRun: [31C60B756E9D99180565E21D167ED696CCB274D7._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
mRun: [HP Software Update] c:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
mRun: [FPCCSMiddleware] C:\Program Files (x86)\Fisher-Price\Computer Cool School\FPCCSMiddleware.exe
mRun: [BrStsWnd] C:\Program Files (x86)\Brownie\BrstsW64.exe Autorun
mRun: [mcui_exe] "C:\Program Files\McAfee.com\Agent\mcagent.exe" /runkey
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [Digital Coupon Print Driver] "C:\Program Files (x86)\Digital Coupon Printer\DigitalCouponPrinter.exe"
mRun: [Fitbit Connect] "C:\Program Files (x86)\Fitbit Connect\Fitbit Connect.exe" /autorun
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [PDF Complete] C:\Program Files (x86)\PDF Complete\pdfsty.exe
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
dRunOnce: [{90140000-003D-0000-0000-0000000FF1CE}] C:\Windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
dRunOnce: [{90140000-001A-0409-0000-0000000FF1CE}] C:\Windows\System32\cmd.exe /C del "C:\ProgramData\Microsoft Help\Rgstrtn.lck" /Q /A:H
StartupFolder: C:\Users\CLIFFS~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\Dropbox.lnk - C:\Users\Cliffside\AppData\Roaming\Dropbox\bin\Dropbox.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.812\SSScheduler.exe
uPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-Explorer: HideSCAHealth = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: ConsentPromptBehaviorUser = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: E&xport to Microsoft Excel - C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-001055-0002-0055-ABCDEFFEDCBC} - <orphaned>
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: {BEA7310D-06C4-4339-A784-DC3804819809} - hxxp://www.cvsphoto.com/upload/activex/v3_0_0_7/PhotoCenter_ActiveX_Control.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} - hxxps://fpdownload.macromedia.com/get/flashplayer/current/swflash.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{D49FA43E-FF7E-428A-A7EC-0A30819B003E} : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll
SSODL: WebCheck - <orphaned>
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-mStart Page = about:blank
x64-BHO: BlspcHlpr Class: {15C9938F-CB96-496D-800A-B827F2E34EA1} -
x64-BHO: McAfee WebAdvisor: {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [hpsysdrv] c:\program files (x86)\hewlett-packard\HP odometer\hpsysdrv.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {48A61126-9A19-4C50-A214-FF08CB94995C} - {29B24532-6CE1-41BA-8BF0-F580EA174AF1} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: dssrequest - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Handler: sacore - {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Hosts: 0.0.0.0 fr.a2dfp.net
Hosts: 0.0.0.0 m.fr.a2dfp.net
Hosts: 0.0.0.0 mfr.a2dfp.net
Hosts: 0.0.0.0 ad.a8.net
Hosts: 0.0.0.0 asy.a8ww.net
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Cliffside\AppData\Roaming\Mozilla\Firefox\Profiles\sx6qie0q.default\
FF - prefs.js: browser.search.selectedEngine - Secure Search
FF - prefs.js: browser.startup.homepage - hxxp://www.yahoo.com/
FF - prefs.js: keyword.URL - hxxps://search.yahoo.com/search?fr=mcafee&type=C111US91021D20130814&p=
FF - plugin: c:\PROGRA~1\mcafee\msc\npMcSnFFPl64.dll
FF - plugin: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL
FF - plugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101752.dll
FF - plugin: C:\Program Files (x86)\Mozilla Firefox\browser\plugins\npMozCouponPrinter.dll
FF - plugin: C:\Program Files (x86)\Wondershare\Fantashow\npFantashowPlugin.dll
FF - plugin: C:\Users\Cliffside\AppData\Local\Google\Update\1.3.33.17\npGoogleUpdate3.dll
FF - plugin: C:\Users\Cliffside\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
FF - plugin: C:\Users\Cliffside\AppData\Roaming\Mozilla\plugins\npo1d.dll
FF - plugin: C:\Windows\System32\Macromed\Flash\NPSWF64_22_0_0_209.dll
.
============= SERVICES / DRIVERS ===============
.
R0 mfehidk;McAfee Inc. mfehidk;C:\Windows\System32\drivers\mfehidk.sys [2013-2-19 933360]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\Windows\System32\drivers\mfewfpk.sys [2013-2-19 253424]
R0 PxHlpa64;PxHlpa64;C:\Windows\System32\drivers\PxHlpa64.sys [2012-2-1 52856]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
R2 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-2-13 1413736]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R3 cfwids;McAfee Inc. cfwids;C:\Windows\System32\drivers\cfwids.sys [2013-8-14 77800]
R3 mfeaack;McAfee Inc. mfeaack;C:\Windows\System32\drivers\mfeaack.sys [2015-2-17 487408]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\Windows\System32\drivers\mfeavfk.sys [2013-8-14 355312]
R3 mfefirek;McAfee Inc. mfefirek;C:\Windows\System32\drivers\mfefirek.sys [2013-8-14 506352]
R3 mfencbdc;McAfee LLC. mfencbdc;C:\Windows\System32\drivers\mfencbdc.sys [2017-6-27 504792]
R3 mfeplk;McAfee Inc. mfeplk;C:\Windows\System32\drivers\mfeplk.sys [2016-9-9 116208]
R3 mfesapsn;McAfee Process Start Notification Service;C:\Program Files (x86)\McAfee\SiteAdvisor\x64\mfesapsn.sys [2018-9-29 111608]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2011-8-12 471144]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2017-4-21 107656]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2017-4-21 128648]
S3 ClientAnalyticsService;ClientAnalyticsService;C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [2017-1-21 1511728]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\Windows\System32\drivers\HipShieldK.sys [2015-7-28 209608]
S3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2011-8-12 158976]
S3 JLTECH0227;Dual Mode Camera;C:\Windows\System32\drivers\jl2005c.sys [2013-12-25 79920]
S3 mfencrk;McAfee LLC. mfencrk;C:\Windows\System32\drivers\mfencrk.sys [2017-6-27 108504]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
.
=============== Created Last 30 ================
.
2018-10-19 23:07:24 -------- d-----w- C:\Program Files (x86)\Common Files\Oracle
2018-10-16 18:20:35 -------- d-----w- C:\ProgramData\McAfee Security Scan
.
==================== Find3M ====================
.
2018-10-19 23:04:40 98680 ----a-w- C:\Windows\SysWow64\WindowsAccessBridge-32.dll
.
============= FINISH: 9:59:38.81 ===============

Attached Files

attach.txt (464.6 KB)

↧

Super slow boot, slow everything

November 5, 2018, 12:04 pm

≫ Next: Microsoft Update Service detected as a virus

≪ Previous: Malware Infection

Not sure what's going on but my computer is so slow it's difficult to do anything. Please help...

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19155
Run by Hodie at 13:10:17 on 2018-11-05
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.3894.1243 [GMT -6:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Program Files\IDT\WDM\STacSV64.exe
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\WLANExt.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
C:\Windows\system32\taskeng.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\system32\ptumlcmsvc64.exe
C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\HP\HP Photosmart 5510 series\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PrivacyIconClient.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Windows\System32\svchost.exe -k LocalServicePeerNet
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\OUTLOOK.EXE
C:\Windows\sysWow64\SearchProtocolHost.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uProxyServer = localhost:8080
mWinlogon: Userinit = userinit.exe
BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\Office16\URLREDIR.DLL
BHO: {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - <orphaned>
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
uRun: [HP Photosmart 5510 series (NET)] "C:\Program Files\HP\HP Photosmart 5510 series\Bin\ScanToPCActivationApp.exe" -deviceID "CN1BU22BX505NR:NW" -scfn "HP Photosmart 5510 series (NET)" -AutoStart 1
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
mRun: [IAStorIcon] C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
mRun: [IMSS] "C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IMSS\PIconStartup.exe"
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
dRunOnce: [iCloud] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloud.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: SoftwareSASGeneration = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: Send image to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\SmartPrint\smartprintsetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
DPF: Garmin Communicator Plug-In - hxxps://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB
DPF: {E06E2E99-0AA1-11D4-ABA6-0060082AA75C} - hxxps://uhc.webex.com/client/WBXclient-T27L10NSP32EP5-14362/webex/ieatgpc1.cab
TCP: NameServer = 192.168.1.254
TCP: Interfaces\{61A21C53-CE0F-4214-BA30-8A64E88F8D1B} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{695076B3-72BF-4452-8C0C-61DD9CF93C7E} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613} : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\2375942554431383 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\2375942554638333 : DHCPNameServer = 192.168.1.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\4415C4F4447454 : DHCPNameServer = 192.168.254.254
TCP: Interfaces\{FC761777-E592-4B4B-A5E1-2F915004E613}\44F65726C65645275656022697028496C647F6E6 : DHCPNameServer = 8.8.8.8 8.8.4.4
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\WIDCOMM\Bluetooth Software\BtwProximityCP.dll
mASetup: {10880D85-AAD9-4558-ABDC-2AB1552D831F} - "C:\Program Files (x86)\Common Files\LightScribe\LSRunOnce.exe"
mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
mASetup: {A6EADE66-0000-0000-484E-7E8A45000000} - "C:\Windows\SysWOW64\Rundll32.exe" "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll",CreateReaderUserSettings
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - <orphaned>
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\URLREDIR.DLL
x64-BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [HPWirelessAssistant] C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe 120 C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe /hidden
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [IgfxTray] C:\Windows\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\Windows\System32\hkcmd.exe
x64-Run: [Persistence] C:\Windows\System32\igfxpers.exe
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Hodie\AppData\Roaming\Mozilla\Firefox\Profiles\km5jf2y2.default-1473202271514\
FF - plugin: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL
FF - plugin: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
FF - plugin: C:\Users\Hodie\AppData\Local\Citrix\Plugins\104\npappdetector.dll
FF - plugin: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll
FF - plugin: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_24_0_0_194.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswbidsh;aswbidsh;C:\Windows\System32\drivers\aswbidsha.sys [2017-2-3 201928]
R0 aswblog;aswblog;C:\Windows\System32\drivers\aswbloga.sys [2017-2-3 346760]
R0 aswbuniv;aswbuniv;C:\Windows\System32\drivers\aswbuniva.sys [2017-2-3 59664]
R0 aswRvrt;aswRvrt;C:\Windows\System32\drivers\aswRvrt.sys [2014-2-3 88112]
R0 aswVmm;aswVmm;C:\Windows\System32\drivers\aswVmm.sys [2014-2-3 381144]
R1 aswArPot;aswArPot;C:\Windows\System32\drivers\aswArPot.sys [2017-10-27 201408]
R1 aswbidsdriver;aswbidsdriver;C:\Windows\System32\drivers\aswbidsdrivera.sys [2017-2-3 230512]
R1 aswHdsKe;aswHdsKe;C:\Windows\System32\drivers\aswHdsKe.sys [2017-11-24 185240]
R1 aswKbd;aswKbd;C:\Windows\System32\drivers\aswKbd.sys [2018-9-4 42456]
R1 aswSnx;aswSnx;C:\Windows\System32\drivers\aswSnx.sys [2014-2-3 1028840]
R1 aswSP;aswSP;C:\Windows\System32\drivers\aswSP.sys [2014-2-3 467904]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-8-23 83768]
R2 aswMonFlt;aswMonFlt;C:\Windows\System32\drivers\aswMonFlt.sys [2014-2-3 163376]
R2 aswStm;aswStm;C:\Windows\System32\drivers\aswStm.sys [2014-2-3 208640]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-10-8 325024]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2016-2-7 9667872]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-11-4 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service;C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-7-21 103992]
R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-8-5 291896]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-3-5 35200]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2011-2-20 13592]
R2 ptumlcmsvc;PTUML290 Connection Manager Service;C:\Windows\System32\ptumlcmsvc64.exe [2012-3-8 174592]
R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-9-11 399344]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-20 2320920]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-10-4 8188768]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2011-3-23 31088]
R3 HECIx64;Intel(R) Management Engine Interface;C:\Windows\System32\drivers\HECIx64.sys [2009-9-17 56344]
R3 Impcd;Impcd;C:\Windows\System32\drivers\Impcd.sys [2010-12-8 158976]
R3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2013-4-2 317440]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2012-1-17 565352]
R3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-3-26 107592]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-3-26 128584]
S3 aswHwid;aswHwid;C:\Windows\System32\drivers\aswHwid.sys [2014-5-6 47064]
S3 aswTap;avast! SecureLine TAP Adapter v3;C:\Windows\System32\drivers\aswTap.sys [2014-7-17 44640]
S3 btwampfl;Bluetooth AMP USB Filter;C:\Windows\System32\drivers\btwampfl.sys [2011-2-20 620584]
S3 BTWDPAN;Bluetooth Personal Area Network;C:\Windows\System32\drivers\btwdpan.sys [2012-1-18 89640]
S3 btwl2cap;Bluetooth L2CAP Service;C:\Windows\System32\drivers\btwl2cap.sys [2011-2-20 39976]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-10-9 116224]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\Windows\System32\drivers\netaapl64.sys [2013-7-25 23040]
S3 netw5v64;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 64 Bit;C:\Windows\System32\drivers\netw5v64.sys [2009-6-10 5434368]
S3 PTUMLBUS;PTUML USB Composite Device Driver;C:\Windows\System32\drivers\PTUMLBUS.sys [2012-3-8 105600]
S3 PTUMLCVsp;PANTECH UML290 Connection Manager Port;C:\Windows\System32\drivers\PTUMLCVsp.sys [2012-3-8 183424]
S3 PTUMLMBMP;PANTECH UML290 Mobile Broadband;C:\Windows\System32\drivers\PTUMLMBMP.sys [2012-3-8 235776]
S3 PTUMLMdm;PANTECH UML290;C:\Windows\System32\drivers\PTUMLMdm.sys [2012-3-8 183424]
S3 PTUMLNET61;PANTECH UML290 WWAN (NDIS6.1);C:\Windows\System32\drivers\PTUMLNET61.sys [2012-3-8 111872]
S3 PTUMLNVsp;PANTECH UML290 NMEA Port;C:\Windows\System32\drivers\PTUMLNVsp.sys [2012-3-8 184448]
S3 PTUMLRMNET;PANTECH UML290 RMNET Service;C:\Windows\System32\drivers\PTUMLRMNET.sys [2012-3-8 63744]
S3 PTUMLVsp;PANTECH UML290 Diagnostic Port;C:\Windows\System32\drivers\PTUMLVsp.sys [2012-3-8 183424]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2014-12-18 19456]
S3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\Windows\System32\drivers\RtsPStor.sys [2011-2-20 329832]
S3 SrvHsfHDA;SrvHsfHDA;C:\Windows\System32\drivers\VSTAZL6.SYS [2009-7-13 292864]
S3 SrvHsfV92;SrvHsfV92;C:\Windows\System32\drivers\VSTDPV6.SYS [2009-7-13 1485312]
S3 SrvHsfWinac;SrvHsfWinac;C:\Windows\System32\drivers\VSTCNXT6.SYS [2009-7-13 740864]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2014-12-18 56832]
S3 WatAdminSvc;Windows Activation Technologies Service;C:\Windows\System32\Wat\WatAdminSvc.exe [2011-12-27 1255736]
S3 yukonw7;NDIS6.2 Miniport Driver for Marvell Yukon Ethernet Controller;C:\Windows\System32\drivers\yk62x64.sys [2009-6-10 389120]
.
=============== Created Last 30 ================
.
2018-11-03 20:08:36 52296 ----a-w- C:\Windows\System32\drivers\staport.sys
2018-10-25 18:42:18 -------- d-----w- C:\ProgramData\LightScribe
2018-10-25 05:10:54 214824 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2018-10-25 05:10:34 474904 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2018-10-25 05:10:34 29976 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
.
==================== Find3M ====================
.
2018-10-04 18:32:14 842240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2018-10-04 18:32:14 175104 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2018-09-19 08:08:04 343552 ----a-w- C:\Windows\SysWow64\msrd3x40.dll
2018-09-18 05:38:18 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-09-18 05:38:08 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-09-18 05:26:12 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-09-18 05:25:37 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-09-18 05:25:33 417280 ----a-w- C:\Windows\System32\html.iec
2018-09-18 05:25:22 576512 ----a-w- C:\Windows\System32\vbscript.dll
2018-09-18 05:25:10 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-09-18 05:15:16 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-09-18 05:15:14 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-09-18 05:14:56 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-09-18 05:14:25 5779456 ----a-w- C:\Windows\System32\jscript9.dll
2018-09-18 05:09:50 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-09-18 05:01:21 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-09-18 05:00:55 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-09-18 04:41:40 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-09-18 04:41:37 2136064 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-09-18 04:35:18 4510720 ----a-w- C:\Windows\System32\wininet.dll
2018-09-18 04:31:20 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-09-18 04:21:27 497664 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-09-18 04:21:13 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-09-18 04:20:44 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-09-18 04:20:37 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-09-18 04:19:54 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-09-18 04:13:13 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-09-18 04:12:57 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-09-18 04:03:14 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-09-18 04:02:54 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-09-18 03:57:45 4494848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-09-18 03:50:59 2059776 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-09-18 03:50:44 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-09-18 03:37:53 4037632 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-09-11 18:28:58 3227136 ----a-w- C:\Windows\System32\win32k.sys
2018-09-11 18:23:29 161280 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-09-11 18:22:58 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-09-09 01:02:22 986824 ----a-w- C:\Windows\System32\drivers\dxgkrnl.sys
2018-09-09 01:02:17 631680 ----a-w- C:\Windows\System32\winresume.efi
2018-09-09 01:02:15 5552328 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-09-09 01:02:12 708296 ----a-w- C:\Windows\System32\winload.efi
2018-09-09 01:02:12 1680072 ----a-w- C:\Windows\System32\drivers\ntfs.sys
2018-09-09 01:02:11 95432 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-09-09 01:02:11 265416 ----a-w- C:\Windows\System32\drivers\dxgmms1.sys
2018-09-09 01:02:11 154824 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-09-09 01:01:09 1664320 ----a-w- C:\Windows\System32\ntdll.dll
2018-09-09 00:58:55 1461760 ----a-w- C:\Windows\System32\lsasrv.dll
2018-09-09 00:58:53 731648 ----a-w- C:\Windows\System32\kerberos.dll
2018-09-09 00:58:53 419840 ----a-w- C:\Windows\System32\KernelBase.dll
2018-09-09 00:58:38 405504 ----a-w- C:\Windows\System32\gdi32.dll
2018-09-09 00:58:18 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2018-09-09 00:58:17 43520 ----a-w- C:\Windows\System32\cryptbase.dll
2018-09-09 00:58:17 22016 ----a-w- C:\Windows\System32\credssp.dll
2018-09-09 00:46:39 3959496 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-09-09 00:46:29 4054216 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-09-09 00:46:11 1314072 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-09-09 00:44:18 96768 ----a-w- C:\Windows\SysWow64\sspicli.dll
2018-09-09 00:44:18 666112 ----a-w- C:\Windows\SysWow64\rpcrt4.dll
2018-09-09 00:44:18 5120 ----a-w- C:\Windows\SysWow64\wow32.dll
2018-09-09 00:44:18 275968 ----a-w- C:\Windows\SysWow64\KernelBase.dll
2018-09-09 00:44:14 82944 ----a-w- C:\Windows\SysWow64\bcrypt.dll
2018-09-09 00:44:14 313344 ----a-w- C:\Windows\SysWow64\gdi32.dll
2018-09-09 00:44:11 172032 ----a-w- C:\Windows\SysWow64\wdigest.dll
2018-09-09 00:44:07 70144 ----a-w- C:\Windows\SysWow64\TSpkg.dll
2018-09-09 00:44:07 2755584 ----a-w- C:\Windows\SysWow64\themeui.dll
2018-09-09 00:44:04 43008 ----a-w- C:\Windows\SysWow64\srclient.dll
2018-09-09 00:43:57 22016 ----a-w- C:\Windows\SysWow64\secur32.dll
2018-09-09 00:43:56 254464 ----a-w- C:\Windows\SysWow64\schannel.dll
2018-09-09 00:43:55 141312 ----a-w- C:\Windows\SysWow64\rpchttp.dll
2018-09-09 00:43:46 223232 ----a-w- C:\Windows\SysWow64\ncrypt.dll
2018-09-09 00:43:42 261120 ----a-w- C:\Windows\SysWow64\msv1_0.dll
2018-09-09 00:43:42 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2018-09-09 00:43:42 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
2018-09-09 00:43:41 60416 ----a-w- C:\Windows\SysWow64\msobjs.dll
2018-09-09 00:43:38 146432 ----a-w- C:\Windows\SysWow64\msaudite.dll
2018-09-09 00:43:30 554496 ----a-w- C:\Windows\SysWow64\kerberos.dll
2018-09-09 00:43:07 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2018-09-09 00:25:59 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-09-09 00:25:56 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-09-09 00:25:55 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-09-09 00:25:11 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-09-09 00:21:34 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-09-09 00:21:02 129024 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-09-09 00:20:35 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-09-09 00:18:10 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-09-09 00:16:54 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-09-09 00:15:58 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-09-09 00:15:55 112640 ----a-w- C:\Windows\System32\smss.exe
2018-09-09 00:15:51 64512 ----a-w- C:\Windows\System32\drivers\amdk8.sys
2018-09-09 00:15:51 62464 ----a-w- C:\Windows\System32\drivers\intelppm.sys
2018-09-09 00:15:51 60928 ----a-w- C:\Windows\System32\drivers\processr.sys
2018-09-09 00:15:51 60928 ----a-w- C:\Windows\System32\drivers\amdppm.sys
2018-09-09 00:13:19 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-09-09 00:13:17 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-09-09 00:13:17 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-09-09 00:13:16 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-09-09 00:12:14 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-09-09 00:12:06 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-09-09 00:12:05 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-09-09 00:12:05 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
.
============= FINISH: 13:12:35.10 ===============

Attached Files

attach.txt (9.8 KB)

↧

Microsoft Update Service detected as a virus

November 13, 2018, 8:01 pm

≫ Next: GANDCRAB V5.0.4

≪ Previous: Super slow boot, slow everything

hi.. since a few days avast has been detecting ms update as virus, i have attached a screenshot so you guys can have a look. Kindly guide me as to how am i supposed to solve this .....cheers

Attached Thumbnails

Click image for larger version

Name: Annotation.png
Views: N/A
Size: 54.6 KB
ID: 322144

↧

GANDCRAB V5.0.4

November 14, 2018, 12:20 pm

≫ Next: Think it's a Bitcoin miner or a virus.

≪ Previous: Microsoft Update Service detected as a virus

I have been encrypted by the newest version of GANDCRAB V5.0.4. After seeing the extortion files everywhere on my system I did some research and downloaded BitDefender's GandCrab Decryption Tool. I got no results from this so I contacted BitDefender folks who said my particular version of the Trojan had not yet bee encountered and dealth with.

Here is the text file:

---= GANDCRAB V5.0.4 =---

***********************UNDER NO CIRCUMSTANCES DO NOT DELETE THIS FILE, UNTIL ALL YOUR DATA IS RECOVERED***********************

*****FAILING TO DO SO, WILL RESULT IN YOUR SYSTEM CORRUPTION, IF THERE ARE DECRYPTION ERRORS*****

Attention!

All your files, documents, photos, databases and other important files are encrypted and have the extension: .IONOXSLS

The only method of recovering files is to purchase an unique private key. Only we can give you this key and only we can recover your files.

The server with your key is in a closed network TOR. You can get there by the following ways:

----------------------------------------------------------------------------------------

| 0. Download Tor browser - https://www.torproject.org/

| 1. Install Tor browser
| 2. Open Tor Browser
| 3. Open link in TOR browser: https://gandcrabmfe6mnef.onion/a2ab5c2938ea8d57
| 4. Follow the instructions on this page

----------------------------------------------------------------------------------------

On our page you will see instructions on payment and get the opportunity to decrypt 1 file for free.

ATTENTION!

IN ORDER TO PREVENT DATA DAMAGE:

* DO NOT MODIFY ENCRYPTED FILES
* DO NOT CHANGE DATA BELOW

---BEGIN GANDCRAB KEY---
lAQAAMs0ORLz66YIvvpdoftOm5OPZJ1EvdJOPs+QkzWbGNaoZlhXOxD3uFijymJscuz6cd7XTPEcyarClBSI7mihn0ZDxuCv0UZid7O5HnaH1xrRq6uh51Jin3Mu8R2MD/57R+WL77EwtZlx8eB80h0B4+IO/7UL1lXkcig3DfCPI4wdY1Ep+KXrbPUh1QBm2dosAkQp668f6D4FC7Q8A75XGt9q9ugrZk7UCooYca4OAYfuyGdji6gsxIuLLGARcz1bH2FGC5lCLJOaVUA82kyCMyy27od+IfE88WS53540YENkKhBOSP77iTqqrrmodhoBWrgmeDCCrg8XzNUQ0EB81EW/2eapjHIZNkaNj3hOjDO5j/pTTXxFXgVho6VaGqG14YpncGcuOBuytDap3oaVjnqlWXcKau5YY/aWBolSyJQjAX7wG9RfDQ8gJhOwSHHN8i+vchNjVxpP3M1EDwKxeKrt8m4HZsbX1VKAfZqJr5UdyiPLZ6I+qjNVbo9mHdfsGcQIFF1BHxpcEbiMpY0CLaxzEPk7aZnv55lirtDy7nIFuUtbIxKDeTviF+8ohzqObQ1zT3OOzdHWoituQ0LSdD76AT1/o7WBK76QqzGWKaRgI1L3/GcS0iA5Bn469JREXLO7KA0er88DMZCEx4F1ZN+oj2bikMgP4qZqNPGSy5MkXXD00Y0WqGcyxQ3qUr3Rk61yC+5LvU/tC80LHxeskY2NHlX4TwbTNgqhX3W9WpTsm2NztfUvg+IavzlgN+QPRbOiKCRjbM9ECpt+IHb8XxKEiA14+Od0M3Z89WzHlP67U4lSDfUA+sgc6lu08UrgYEj2QZth2aXor8lmQq7v2k5OVc32LQZjLaKEauv731oSeVqBJsJu/c6Wi4aarjsCtlDQJtvxvSXFHt71SF5Snt3aku2f0K0dRDXHv63DqPgzCwkZnJRq13vPyQBDqrRg0nhNwrl0YknZbw1Kvd71pjd8/N3Tph7ewPXow09hTYES+TKsAZ4AxA7m4BKCnbh4gX7I6XrP7VXUMj6REawNEgo7PrJDlr3ZdVze6kyJA0xqUnAwjHWDpQdh6q7vcOakXK9oXeZHB9sWR/AJSGAIaevo/cQTcxS2e6SjBmMdvodFXTLrvdPlqw9wGZ65hJ/UXgSZISjjEXXY6NqPvP+R1J5XKJu3EMvpaIAm94SuBTP1NR8d5/V8ST5i4UcIQhEtUspnf41z2vuk2jzk7YBiADxlcT69iS8LQZud7fGJGKRDVW7j96yWctGXzjuzyAhF2n1s7T3NUOfzq6ScQoNju1ti4Z9xaaNNOH7UH8upVLdnfCdaPSnIjnnoCC50eZx3qJEaDoBqwDSrpxoK2s4b7sAeUWIhvToUyBar2YPqn5VQQ1oqktgILSJY67J1v61tX8IaI9qZviy9s/cOvjPgOFtnCPgc/ZPm2i/n5ZYEEkl/Wl8og1O2svvLghyBK/dq3oik0mKQ2VxgChQxFSA+1nxPvjTKt9JaKHKdSIypsz9KM9HpOf6kQi8NYoECI+4gV7Ike61OubKPdkUPFhVkM7UgsgI7BpayD6TWpcilegfwtu7yzcmfrfBcv+yUAbl3nJDOPneEPxzsEWmEXMNFVrSKGwgIvcSgR/mPYytj/qbFUj9G55lqfSvYGJdEq0Si0SyTTH/c/7HDCgoMRjVmK3RURkYBXdPpykCiFr5lZMm8nozyHGdhpOu0VH3uqnkv13/Emhj+82V8wIe9ufNHYOc9rKUaNi2VP6zfDxyopq1HPg9R4Vcwd/OnjiDj7bNX0c5CMNqRqitBkO+tAaccWdSXq2SuO0MhMwgpVEcxikqCfwMrDP3Td7XVJ1WIfQyayTq3IBctSaEZ1tZaIcVNnNwrjIMbZIxXLv9G9n30hyk1ZqFatKESICGBBT97++1lyyO/hUglm8rj8sWmfN9PgheSbRFavlwXCQdP1VAv+/nwHsWXt/7/dzEw1u2h6vafuSjk4tZvWMButsAULcE8hJhEdlVJJxG42XDaFCIAgItnTGC+jOYKSrxMcQqGQvx9iRh888YEGmIx97VZB15xHcm70oW8VRMDWGsT0NnK/hyJaJdCYuilOfWi0LeHS+cWNYCayHN5s52NNkaNQBQlPvNxsDg6TsIaGRKxEhSRr1FvDmY0FueWNONyMotCLJimDoqEG0ECr8ltifHVmgeLZLSTgWzyvB6aeRBE3bLReUHLN//OTqtHvq+KEKIpWp1haPQPvok=
---END GANDCRAB KEY---

---BEGIN PC DATA---
wfKD6iudumBkmpL8IRr4U4SxAFahOUvtzzxyOq/1zVY7vKCWIh5IYZ5d7pZ2TrpRm3Zi7npWsLfRTHGH4R5IBLTzqdM37+n6TUGEDBbiCpJj89LFMP/fmBOoBJAGLoqj/Px82WjxHJK0ip6hCUS4AqkAxrZmOPWXzbnEbXUkZHQwbcaWrsC2YZxYDKSRxsQpKY4h29OASlKwZEZV5APFuQPcDiJF2LSMOkO4MJkP3IpYLEeTCZwBmoQoBnZiP6Q/ZvrO1sZzjjbqjd1ASXgYl5hnWd0yCA4xYw7BDIArtn0pSk7FUw/okeItJti8qdunpbq+57JioLEdkRrBueLg/2s2WesgGt9YelrBBnbt8xGVEYYb/Cd94oC4b6bsY5pya4zy2SmixJRITW0qZ1O8JIoJ9pE5wNooUBPNnKg+HO4HAOuf2WE7g99rIg2fxHdKqA6CZlvpZhFM3vTLOOag1wQZN3QQRl2KfTnX1lHgdH8SmUHfmSz3QUpnn7Irls+w4nIPVYbpeDfofGEcdsAVPw9N6n8jQwXCtKZAEuLtKEivBY1MZZH2HpwOfL/JRdkPoIlhV6Du57PAzMb9PXYHh8kz7exJRfttXv/GbknWtOJnXuleW9Re9DZhVVLc2rhgk2ncLV4zmQsAfmb5G2FfiT8EyrIcT7HbEAFzKd//xDNjdH03t24FfaOU4HJiLey8LR0EXd0DPtZKjVLf6grxwiUulcUrmI3gwIr0OnltESt+DjFIphtJYAACsLxcZkoy+csQO8ilZk/XrrFOlI8wQ7nDze6C47jlli3c3PxhHPnx59s1zMqHV40JxBVGiaTdhyiDDvHvRvHTl+kFUQNQeYbq/qetL7PBorNvvTEDGF3pZpJd5k6TPtROIZ3hC9ArzjrjgNS8ALCcA7HEa5WXCmlXpu2HAnuA2XVDq74/jqF/AxlC8E/F4yqtxipgqsIKJDUMgIDogFJl0ptYL7hSSR3/QyNetuYvWN353whsC/2jAyZ/vEJRXSdJq1zO+ipmhhtmsRagT5yMnIQ0+2SdYnObvqTlO/fiEKpTD44pA7lVAerJU5D4lBmxiIvkZHXRB3oEWdvSK07z267KmEEH/0iOOwT/uxPcuVt2qUp9OD314MwdusZz8aryJrK5TfkGC1wMyUx0GNG7Xv0ZF57/QrRc+QWrDJrQuwp4q1jsB9XipE74BwqFa5YwVJPFXNLAsqjvIHUsb53JoRh0ShCwLem9vumwPyn7vz7Q1odEIH1sUJVaf+nulMeEHSIO0mVWfFcq4GYAGIZCOKVfAMSdpt6f6n8zY2BH
---END PC DATA---

What do you folks think?

↧

Think it's a Bitcoin miner or a virus.

November 14, 2018, 6:54 pm

≫ Next: oload.download consistently popping up

≪ Previous: GANDCRAB V5.0.4

Hello,

Been banging my head against the wall for the pasty couple of weeks now because of the noise that my PC is making. It's driving me nuts.

So, a little back story: I bought a MSI 1070TI 8G graphics card about a year back. Everything is running fine and dandy, no noises as I don't game all that much, sometimes not at all. (Bought the card b/c it was VR ready and able to output up to 8K resolution from a friends recommendation.)

The couple of times I did game on it, the card made barely any sound (a feather falling on water made more sound, just kidding, but I think that is as close a way to explain it as possible).

Now, all of a sudden, and this was about 2-3 weeks ago, the card started whirring like crazy. The sound became really loud, I was not gaming at the time. I haven't gamed in about 6 months or so as life got in the way and I mostly only watch movies and other 4K videos wit the PC.

The PC started to slow down a lot and even trying to render google Maps causes the system to go into overdrive and end up crashing the browser.

Even browsing the internet sometimes causes the system slow down a lot on and off. But, the loud whirring sound is a constant. Which brings me to my thought that there might be a bitcoin miner installed without my knowing it on the PC.

I think this because the PC never uses less than 40% of its physical memory, the graphics card is always whirring away and the internet connection always seem slower than usual (yes, I know having multiple devices connected to the wifi slows down the internet, but I mainly only use the PC after work around 1-2 AM when everyone is sleeping when I get off work). The graphics card always sounds like it is under 100% load or something and never stops whirring.

Ran an antivirus scan almost every weekend since the noise started up and nothing shows up out of the ordinary which is weird.

I have attached the report from DDS below. Any help would be greatly appreciated.

Unfortunately, don't have access to a Windows Install disc or a Boot CD at the moment.

Sorry if I sound stupid!!!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: BrowserJavaVersion: 11.111.2
Run by Bens at 21:30:20 on 2018-11-14
Microsoft Windows 7 Ultimate 6.1.7601.1.1252.1.1033.18.8137.4028 [GMT -5:00]
.
AV: ESET Security *Enabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
SP: ESET Security *Enabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Windows Defender *Enabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\OpenVPN\bin\openvpnserv.exe
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\system32\taskhost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
C:\Windows\system32\notepad.exe
C:\Portableapps\FirefoxPortable - Rev. 1\FirefoxPortable.exe
C:\Portableapps\FirefoxPortable - Rev. 1\App\Firefox64\Firefox.exe
C:\Portableapps\WaterfoxPortable\App\Waterfox\waterfox.exe
C:\Portableapps\WaterfoxPortable\App\Waterfox\waterfox.exe
C:\Portableapps\WaterfoxPortable\App\Waterfox\waterfox.exe
C:\Portableapps\WaterfoxPortable\App\Waterfox\waterfox.exe
C:\Windows\system32\taskmgr.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\system32\notepad.exe
C:\Portableapps\WaterfoxPortable\App\Waterfox\waterfox.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
mWinlogon: Userinit = userinit.exe
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\ssv.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_111\bin\jp2ssv.dll
uRun: [Google Update] C:\Users\Bens\AppData\Local\Google\Update\1.3.33.17\GoogleUpdateCore.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{A74A2F13-4044-4228-95BF-B116F5BBC906} : DHCPNameServer = 192.168.1.1
SSODL: WebCheck - <orphaned>
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-Run: [RTHDVCPL] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe -s
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [egui] "C:\Program Files\ESET\ESET NOD32 Antivirus\ecmds.exe" /launch /hide
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
.
============= SERVICES / DRIVERS ===============
.
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-10-25 19224]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2015-7-30 143448]
R1 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2018-1-19 109864]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET NOD32 Antivirus\ekrn.exe [2018-11-1 2302152]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2012-4-20 635104]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2015-10-25 165760]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-6 518264]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-12-6 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-12-4 460920]
R2 OpenVPNServiceInteractive;OpenVPN Interactive Service;C:\Program Files\OpenVPN\bin\openvpnserv.exe [2016-10-20 69248]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-7-15 754784]
R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2015-10-25 364416]
R3 hidusbf;USB Mouse Rate Adjuster Lower Filter by SweetLow;C:\Windows\System32\drivers\hidusbf.sys [2017-12-1 25288]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-10-25 356632]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-10-25 789272]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\Windows\System32\drivers\LEqdUsb.sys [2015-6-17 87696]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\Windows\System32\drivers\LHidEqd.sys [2015-6-17 23184]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\Windows\System32\drivers\nvvad64v.sys [2017-12-6 50808]
R3 nvvhci;NVVHCI Enumerator Service;C:\Windows\System32\drivers\nvvhci.sys [2017-12-6 57976]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-10-25 676968]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2012-7-9 104912]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2012-7-8 123856]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\Windows\System32\drivers\ssudbus.sys [2016-7-15 120416]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2011-4-12 71168]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-12-6 518264]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-12-6 30328]
S3 OpenVPNServiceLegacy;OpenVPN Legacy Service;C:\Program Files\OpenVPN\bin\openvpnserv.exe [2016-10-20 69248]
S3 ptun0901;TAP Adapter V9 for Private Tunnel;C:\Windows\System32\drivers\ptun0901.sys [2016-6-15 27136]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2010-11-20 20992]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\Windows\System32\drivers\ssudmdm.sys [2016-7-15 213088]
S3 Synth3dVsc;Synth3dVsc;C:\Windows\System32\drivers\Synth3dVsc.sys [2011-4-12 88960]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2011-4-12 34816]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2010-11-20 59392]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2010-11-20 31232]
S3 tsusbhub;tsusbhub;C:\Windows\System32\drivers\tsusbhub.sys [2011-4-12 117248]
.
=============== File Associations ===============
.
FileExt: .js: JSFile=C:\Windows\System32\WScript.exe "%1" %* [UserChoice]
.
=============== Created Last 30 ================
.
2018-11-15 02:00:18 -------- d-----w- C:\Users\Bens\.oracle_jre_usage
.
==================== Find3M ====================
.
2018-11-02 00:14:03 188832 ----a-w- C:\Windows\System32\drivers\ehdrv.sys
2018-11-02 00:14:03 143448 ----a-w- C:\Windows\System32\drivers\eamonm.sys
2018-11-02 00:14:03 109864 ----a-w- C:\Windows\System32\drivers\epfwwfp.sys
.
============= FINISH: 21:30:27.43 ===============

Attached Files

attach.txt (4.5 KB)

↧