oload.download consistently popping up

November 17, 2018, 11:30 am

≪ Previous: Think it's a Bitcoin miner or a virus.

There's this popup that comes up in the bottom right of my screen and it constantly blocks me from clicking things in that area and it's always there. I ran adware cleaner and followed the instructions and it just came back full force. Looking to get rid of this malware or virus.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.181.2
Run by John Kim at 11:25:52 on 2018-11-17
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.6090.2939 [GMT -8:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\Program Files (x86)\LogMeIn\x64\LogMeIn.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Program Files (x86)\LogMeIn\x64\RaMaint.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\WINDOWS\system32\wbem\unsecapp.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.154.333\AvastBrowserCrashHandler64.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Program Files\rempl\sedsvc.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\wbem\wmiprvse.exe
svchost.exe
svchost.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files\TortoiseSVN\bin\TSVNCache.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\System32\smartscreen.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\msiexec.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\windows\SysWOW64\UMonit64.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\RTFTrack.exe
C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
C:\Program Files (x86)\Lenovo\Energy Management\utility.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\John Kim\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\John Kim\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_181\bin\jp2ssv.dll
uRun: [Spotify Web Helper] "C:\Users\John Kim\AppData\Roaming\Spotify\SpotifyWebHelper.exe"
uRun: [OneDrive] "C:\Users\John Kim\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Spotify] "C:\Users\John Kim\AppData\Roaming\Spotify\Spotify.exe" -autostart -minimized
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
mRun: [DivXMediaServer] C:\Program Files (x86)\DivX\DivX Media Server\DivXMediaServer.exe
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: SoftwareSASGeneration = dword:1
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{11f6b674-c3dd-4f71-88f4-ef63d9d587f4} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{11f6b674-c3dd-4f71-88f4-ef63d9d587f4}\14962707F62747759664968223E2437492 : DHCPNameServer = 210.220.163.82 168.126.63.1
TCP: Interfaces\{7599bbc2-779f-4566-a1fe-677c7a5ad54c} : DHCPNameServer = 192.168.1.1
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {30C521FB-255B-46C8-9F0D-EE5AE371C9AA} - "C:\Program Files (x86)\AVAST Software\Browser\Application\69.1.867.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe -s
x64-Run: [RtHDVBg_Dolby] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /FORPCEE4
x64-Run: [RtHDVBg_LENOVO_DOLBYDRAGON] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_DOLBYDRAGON
x64-Run: [RtHDVBg_LENOVO_MICPKEY] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /LENOVO_MICPKEY
x64-Run: [RtsFT] RTFTrack.exe
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [Energy Management] C:\Program Files (x86)\Lenovo\Energy Management\Energy Management.exe
x64-Run: [EnergyUtility] C:\Program Files (x86)\Lenovo\Energy Management\Utility.exe
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [LogMeIn GUI] "C:\Program Files (x86)\LogMeIn\x64\LogMeInSystray.exe"
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.0 fr.a2dfp.net
Hosts: 0.0.0.0 m.fr.a2dfp.net
Hosts: 0.0.0.0 mfr.a2dfp.net
Hosts: 0.0.0.0 ad.a8.net
Hosts: 0.0.0.0 asy.a8ww.net
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\John Kim\AppData\Roaming\Mozilla\Firefox\Profiles\fxzq9272.default\
FF - prefs.js: browser.startup.homepage - hxxps://www.google.com/?trackid=sp-006
FF - prefs.js: browser.search.selectedEngine - Google (avast)
FF - prefs.js: browser.search.defaulturl - hxxps://www.google.com/search?trackid=sp-006
FF - prefs.js: keyword.URL - hxxps://www.google.com/search?trackid=sp-006
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect32.dll
FF - plugin: C:\Program Files (x86)\Adobe\Adobe Creative Cloud\Utils\npAdobeAAMDetect64.dll
FF - plugin: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
FF - plugin: C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll
FF - plugin: C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll
FF - plugin: c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrlui.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
FF - plugin: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
FF - plugin: C:\Users\John Kim\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll
FF - plugin: C:\Users\John Kim\AppData\Roaming\raidcall\plugins\nprcplugin.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswbidsh;aswbidsh;C:\WINDOWS\System32\drivers\aswbidsha.sys [2018-6-2 201328]
R0 aswblog;aswblog;C:\WINDOWS\System32\drivers\aswbloga.sys [2018-6-2 346664]
R0 aswbuniv;aswbuniv;C:\WINDOWS\System32\drivers\aswbuniva.sys [2018-6-2 59592]
R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\drivers\aswRvrt.sys [2018-6-2 85968]
R0 aswVmm;aswVmm;C:\WINDOWS\System32\drivers\aswVmm.sys [2018-6-2 381584]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-8-7 644968]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 LHDmgr;LHDmgr;C:\WINDOWS\System32\drivers\LhdX64.sys [2014-3-7 39008]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-25 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 aswArPot;aswArPot;C:\WINDOWS\System32\drivers\aswArPot.sys [2018-8-14 197160]
R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2018-6-2 229392]
R1 aswHdsKe;aswHdsKe;C:\WINDOWS\System32\drivers\aswHdsKe.sys [2018-8-14 239680]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2018-6-2 1027728]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswsp.sys [2018-6-2 465640]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2015-9-15 669872]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2910696]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2015-9-4 2704872]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2018-6-2 159640]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2018-6-2 211160]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-8-14 322464]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_4741881;Connected Devices Platform User Service_4741881;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-14 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 Intel(R) ME Service;Intel(R) ME Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [2014-3-7 131544]
R2 Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;Intel(R) Wireless Bluetooth(R) 4.0 Radio Management;C:\Program Files (x86)\Intel\Bluetooth\ibtrksrv.exe [2013-6-26 155448]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-3-7 169432]
R2 LMIGuardianSvc;LMIGuardianSvc;C:\Program Files (x86)\LogMeIn\x64\LMIGuardianSvc.exe [2015-5-21 419304]
R2 LMIInfo;LogMeIn Kernel Information Provider;C:\WINDOWS\System32\drivers\LMIInfo.sys [2017-4-3 30432]
R2 LMIRfsDriver;LogMeIn Remote File System Driver;C:\WINDOWS\System32\drivers\LMIRfsDriver.sys [2015-5-29 81088]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-10-10 6347056]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-2-16 458176]
R2 OneSyncSvc_4741881;Sync Host_4741881;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-14 760888]
R2 sedsvc;Windows Remediation Service;C:\Program Files\rempl\sedsvc.exe [2018-11-8 322712]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-1-20 255096]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_4741881;Windows Push Notifications User Service_4741881;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver;C:\WINDOWS\System32\drivers\AcpiVpc.sys [2012-7-8 35600]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-8-14 7780400]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2016-12-12 230656]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2013-9-27 130248]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-11-13 260480]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNb64;___ Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2018-4-11 3485696]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2017-4-7 56384]
R3 PimIndexMaintenanceSvc_4741881;Contact Data_4741881;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 rtsuvc;Lenovo EasyCamera;C:\WINDOWS\System32\drivers\rtsuvc.sys [2014-3-7 8876248]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2016-2-2 51320]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_4741881;User Data Storage_4741881;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_4741881;User Data Access_4741881;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S2 avast;%1!s! Update Service (avast);C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-8-15 164984]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 NvNetworkService;NVIDIA Network Service;"C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe" --> C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [?]
S2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2017-4-7 2522680]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-7-18 317408]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 aswElam;aswElam;C:\WINDOWS\System32\drivers\aswElam.sys [2018-8-14 15360]
S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2018-6-2 46976]
S3 avastm;%1!s! Update Service (avastm);C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-8-15 164984]
S3 BcastDVRUserService_4741881;GameDVR and Broadcast User Service_4741881;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_4741881;Bluetooth User Support Service_4741881;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 DevicePickerUserSvc_4741881;DevicePicker_4741881;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_4741881;DevicesFlow_4741881;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-7-22 131712]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 iumsvc;Intel(R) Update Manager;C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2016-8-12 177376]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_4741881;MessagingService_4741881;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\System32\GameMon.des -service --> C:\WINDOWS\System32\GameMon.des -service [?]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 NvStreamKms;NvStreamKms;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2014-8-25 28216]
S3 OverwolfUpdater;Overwolf Updater Windows SCM;C:\Program Files (x86)\Overwolf\OverwolfUpdater.exe [2018-11-6 2308936]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_4741881;PrintWorkflow_4741881;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-25 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-25 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2015-9-12 165504]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-2 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-25 48544]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-11-13 36352]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-11-13 787456]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-7-30 61992]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1807.18075-0\NisSrv.exe [2018-7-30 3905952]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-11-13 228864]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2018-4-11 25088]
S3 wsvd;wsvd;C:\WINDOWS\System32\drivers\wsvd.sys [2014-3-7 102376]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-25 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-11-17 19:23:29 -------- d--h--w- C:\OneDriveTemp
2018-11-14 02:22:08 835168 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-11-14 02:22:08 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-11-14 02:21:30 260480 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-11-14 01:19:05 7520088 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-11-14 01:19:04 6570368 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-11-14 01:19:02 25855488 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-11-14 01:17:59 765440 ----a-w- C:\WINDOWS\System32\tdh.dll
2018-11-11 06:05:19 -------- d-----w- C:\Program Files (x86)\Common Files\Overwolf
2018-11-11 06:05:18 -------- d-----w- C:\Program Files (x86)\Overwolf
2018-11-11 06:04:40 -------- d-----w- C:\ProgramData\Overwolf
2018-11-11 06:03:59 -------- d-----w- C:\Users\John Kim\AppData\Local\Overwolf
.
==================== Find3M ====================
.
2018-11-01 11:49:26 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-11-01 11:45:21 4527776 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-11-01 11:45:20 1376672 ----a-w- C:\WINDOWS\System32\ole32.dll
2018-11-01 11:45:04 1617320 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2018-11-01 11:32:09 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-11-01 11:31:51 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-11-01 11:30:26 122368 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll
2018-11-01 11:30:15 29696 ----a-w- C:\WINDOWS\System32\msisip.dll
2018-11-01 11:29:05 73728 ----a-w- C:\WINDOWS\System32\SMSRouter.dll
2018-11-01 11:28:55 253952 ----a-w- C:\WINDOWS\System32\prnntfy.dll
2018-11-01 11:28:25 4491264 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe
2018-11-01 11:28:09 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-11-01 11:27:22 878592 ----a-w- C:\WINDOWS\System32\CPFilters.dll
2018-11-01 11:27:01 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-11-01 11:26:51 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-11-01 11:26:21 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-11-01 11:25:57 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-11-01 10:09:54 1027000 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2018-11-01 09:59:13 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-11-01 09:56:37 24576 ----a-w- C:\WINDOWS\SysWow64\msisip.dll
2018-11-01 09:56:03 226304 ----a-w- C:\WINDOWS\SysWow64\prnntfy.dll
2018-11-01 09:54:26 3397632 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe
2018-11-01 09:53:44 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll
2018-11-01 09:52:45 2892800 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-11-01 09:15:23 23861760 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-11-01 09:13:39 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll
2018-11-01 07:39:00 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-11-01 07:38:08 269336 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-11-01 07:37:57 272408 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-11-01 07:28:29 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-11-01 07:28:20 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-11-01 07:28:17 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-11-01 07:28:13 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-11-01 07:28:11 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-11-01 07:28:09 1062712 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-11-01 07:27:52 491200 ----a-w- C:\WINDOWS\System32\mf.dll
2018-11-01 07:27:36 1017152 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll
2018-11-01 07:26:42 3180080 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-11-01 07:26:28 3291640 ----a-w- C:\WINDOWS\System32\combase.dll
2018-11-01 07:26:22 1363536 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2018-11-01 07:26:01 7432120 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-11-01 07:03:03 34816 ----a-w- C:\WINDOWS\System32\dusmtask.exe
2018-11-01 07:03:00 3397120 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-11-01 07:02:22 47104 ----a-w- C:\WINDOWS\System32\dusmapi.dll
2018-11-01 07:02:21 23552 ----a-w- C:\WINDOWS\System32\CSystemEventsBrokerClient.dll
2018-11-01 07:01:20 7057408 ----a-w- C:\WINDOWS\System32\mos.dll
2018-11-01 07:01:10 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2018-11-01 07:00:25 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-11-01 07:00:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
2018-11-01 07:00:14 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-11-01 07:00:11 6031360 ----a-w- C:\WINDOWS\System32\d2d1.dll
2018-11-01 07:00:10 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-11-01 06:59:14 241152 ----a-w- C:\WINDOWS\System32\tetheringservice.dll
2018-11-01 06:59:09 107520 ----a-w- C:\WINDOWS\System32\dab.dll
2018-11-01 06:59:04 176128 ----a-w- C:\WINDOWS\System32\WPTaskScheduler.dll
2018-11-01 06:59:02 192000 ----a-w- C:\WINDOWS\System32\scrrun.dll
2018-11-01 06:59:00 322048 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe
2018-11-01 06:58:48 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-11-01 06:58:43 530432 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2018-11-01 06:58:43 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-11-01 06:58:42 149504 ----a-w- C:\WINDOWS\System32\dssvc.dll
2018-11-01 06:58:11 273408 ----a-w- C:\WINDOWS\System32\ubpm.dll
2018-11-01 06:58:10 4867072 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-11-01 06:58:03 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-11-01 06:57:53 835584 ----a-w- C:\WINDOWS\System32\PhoneService.dll
2018-11-01 06:57:47 356352 ----a-w- C:\WINDOWS\System32\dusmsvc.dll
2018-11-01 06:57:44 898560 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll
2018-11-01 06:57:42 2364928 ----a-w- C:\WINDOWS\System32\OpcServices.dll
2018-11-01 06:57:41 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll
2018-11-01 06:57:41 265728 ----a-w- C:\WINDOWS\System32\psmsrv.dll
2018-11-01 06:57:38 2825728 ----a-w- C:\WINDOWS\System32\MapGeocoder.dll
2018-11-01 06:57:27 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-11-01 06:57:19 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-11-01 06:57:16 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-11-01 06:57:14 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-11-01 06:57:04 281600 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll
2018-11-01 06:56:57 1768448 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2018-11-01 06:56:53 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-11-01 06:56:33 506880 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll
2018-11-01 06:56:25 2929664 ----a-w- C:\WINDOWS\System32\xpsservices.dll
2018-11-01 06:56:19 1395200 ----a-w- C:\WINDOWS\System32\TokenBroker.dll
2018-11-01 06:55:23 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-11-01 06:55:15 684544 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll
2018-11-01 06:55:09 1058304 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe
2018-11-01 06:54:44 1225216 ----a-w- C:\WINDOWS\System32\MapsStore.dll
2018-11-01 06:54:41 916480 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.Web.Core.dll
2018-11-01 06:54:39 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-11-01 06:54:23 1023488 ----a-w- C:\WINDOWS\System32\ShareHost.dll
2018-11-01 06:54:21 1264640 ----a-w- C:\WINDOWS\System32\JpMapControl.dll
2018-11-01 06:54:13 606208 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-11-01 06:54:12 943616 ----a-w- C:\WINDOWS\System32\BingOnlineServices.dll
2018-11-01 06:54:11 1679360 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2018-11-01 06:54:06 884736 ----a-w- C:\WINDOWS\System32\MapControlCore.dll
2018-11-01 06:54:03 895488 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll
2018-11-01 06:54:00 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll
2018-11-01 06:53:53 2248192 ----a-w- C:\WINDOWS\System32\wlidsvc.dll
2018-11-01 06:53:53 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2018-11-01 06:53:52 542208 ----a-w- C:\WINDOWS\System32\vbscript.dll
2018-11-01 06:53:51 1373696 ----a-w- C:\WINDOWS\System32\usocore.dll
2018-11-01 06:53:47 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll
.
============= FINISH: 11:27:42.62 ===============

Attached Files

attach.txt (517.8 KB)

↧

This computer has been blocked

November 19, 2018, 10:06 am

≫ Next: IE on severe go slow...

≪ Previous: oload.download consistently popping up

I get this trojan, or whatever it's called, that says, in a female voice "This computer has been blocked...". It does stop me from doing anything until I restart. It pretends to be from MS and gives a number to call. Is there a way to stop this? I run Malwarebytes, anti-spyware, and anti-virus, and they always show nothing. Anyone know how it's getting past things?

↧

IE on severe go slow...

December 3, 2018, 1:16 pm

≫ Next: I think my PC is infected

≪ Previous: This computer has been blocked

Hi there :)

I came here before for help with a problem and Chemist very kindly helped me out. Basically, for the past few weeks and its been steadily getting worse, IE will run extremely slow and end up freezing. When I hit F5, the page seems to take forever to load.

Everything seems to be up to date on here. I have to download DDS from the given link but it will not run as it says it can't run in compatability mode.

Sorry, I cannot post any logs until I can get DDS to run..:confused:

↧

I think my PC is infected

December 8, 2018, 8:52 am

≫ Next: VWjWXCSoATEBQ trojan detected - Can not delete

≪ Previous: IE on severe go slow...

Hi,I inadvertently clicked on an email link and now think I`m infected.My PC is a Medion with AMD A8-5500 ,3.2 GHZ with 4 gig RAM using windows 10 home edition.
I often leave the pc on overnight and the next morning there was a window opened which was blank but the tab was titled DSL-3782 self help,which relates to my router.I`ve managed to change all my financial passwords but having carried out scans with Malwarebytes,Spybot,and Avast anti-virus,I don`t have a clue how to remove the problem.
I ran dds and the results are below.I don`t have a windows disc,it came pre-installed.Kind regards,ingylad99

DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.191.2 Run by ingylad99 at 13:16:14 on 2018-12-08 Microsoft Windows 10 Home 10.0.17134.0.1252.44.2057.18.3543.1162 [GMT 0:00] . AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF} AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Spybot - Search and Destroy *Enabled/Updated* {4C1D9672-63FE-5C90-371E-8FDA591C5B75} SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p C:\WINDOWS\system32\fontdrvhost.exe C:\WINDOWS\system32\fontdrvhost.exe C:\WINDOWS\system32\svchost.exe -k RPCSS -p C:\WINDOWS\system32\dwm.exe C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k netsvcs -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\atiesrxx.exe C:\WINDOWS\system32\svchost.exe -k LocalService -p C:\Windows\System32\WUDFHost.exe C:\WINDOWS\system32\atieclxx.exe C:\WINDOWS\System32\svchost.exe -k NetworkService -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k appmodel -p C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p C:\WINDOWS\system32\svchost.exe -k LocalService -p C:\WINDOWS\system32\dashost.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\SysWOW64\CTsvcCDA.exe C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\WINDOWS\system32\DbxSvc.exe C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe svchost.exe C:\Program Files\CyberLink\Shared files\RichVideo64.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe C:\WINDOWS\system32\SearchIndexer.exe C:\WINDOWS\System32\svchost.exe -k netsvcs C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted -p C:\Program Files\Windows Media Player\wmpnetwk.exe C:\WINDOWS\system32\sihost.exe C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup C:\WINDOWS\system32\taskhostw.exe C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe C:\WINDOWS\Explorer.EXE C:\WINDOWS\system32\ctfmon.exe C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files\Windows Defender\MSASCuiL.exe C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Users\ingylad99\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Dropbox\Client\Dropbox.exe C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe C:\Program Files\CCleaner\CCleaner64.exe C:\WINDOWS\system32\wbem\unsecapp.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Windows\System32\RuntimeBroker.exe C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe C:\Program Files\AVAST Software\Avast\AvastUI.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Dlna Server.exe C:\Program Files (x86)\Plex\Plex Media Server\Plex Tuner Service.exe C:\Program Files (x86)\Plex\Plex Media Server\PlexScriptHost.exe C:\Program Files\rempl\sedsvc.exe C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe C:\WINDOWS\system32\ApplicationFrameHost.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe C:\Program Files (x86)\Mozilla Firefox\firefox.exe svchost.exe C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe C:\Windows\System32\RuntimeBroker.exe C:\Windows\System32\smartscreen.exe C:\WINDOWS\system32\AUDIODG.EXE C:\WINDOWS\system32\wbem\wmiprvse.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . uStart Page = hxxps://www.google.com/?trackid=sp-006 uSearch Page = hxxps://www.google.com/search?trackid=sp-006&q={searchTerms} BHO: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - <orphaned> BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\ssv.dll BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned> BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_191\bin\jp2ssv.dll uRun: [OneDrive] "C:\Users\ingylad99\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background uRun: [SpybotPostWindows10UpgradeReInstall] "C:\Program Files\Common Files\AV\Spybot - Search and Destroy\Test.exe" uRun: [Creative MediaSource Go] "C:\Program Files (x86)\Creative\MediaSource5\Go\CTCMSGoU.exe" /SCB uRun: [Amazon Music] C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music.exe uRun: [Amazon Music Helper] "C:\Users\ingylad99\AppData\Local\Amazon Music\Amazon Music Helper.exe" uRun: [Plex Media Server] "C:\Program Files (x86)\Plex\Plex Media Server\Plex Media Server.exe" uRun: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR mRun: [CLMLServer_For_P2G8] "C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe" mRun: [CLVirtualDrive] "C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe" /R mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe" mRun: [SDTray] "C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe" mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe" mPolicies-Explorer: ConfirmFileDelete = dword:1 mPolicies-System: DSCAutomationHostEnabled = dword:2 mPolicies-System: EnableFullTrustStartupTasks = dword:2 mPolicies-System: EnableUwpStartupTasks = dword:2 mPolicies-System: SupportFullTrustStartupTasks = dword:1 mPolicies-System: SupportUwpStartupTasks = dword:1 mPolicies-System: SoftwareSASGeneration = dword:1 . INFO: HKCU has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . . INFO: HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . TCP: NameServer = 192.168.1.1 TCP: Interfaces\{5ae57723-0e29-442a-86e3-461a23b72aa8} : DHCPNameServer = 192.168.1.1 TCP: Interfaces\{f3528235-6914-4b15-93e7-d52d3665993a} : DHCPNameServer = 192.168.1.1 Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll Notify: SDWinLogon - SDWinLogon.dll SSODL: WebCheck - <orphaned> mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_191\bin\ssv.dll x64-BHO: {95B7759C-8C7F-4BF1-B163-73684A933233} - <orphaned> x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_191\bin\jp2ssv.dll x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe" x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui x64-mPolicies-Explorer: ConfirmFileDelete = dword:1 x64-mPolicies-System: DSCAutomationHostEnabled = dword:2 x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2 x64-mPolicies-System: EnableUwpStartupTasks = dword:2 x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1 x64-mPolicies-System: SupportUwpStartupTasks = dword:1 x64-mPolicies-System: SoftwareSASGeneration = dword:1 x64-IE: {2F5C139F-79BD-4C84-A95A-E7140525BC55} - {5B06364D-FF00-4BD5-9D01-4379952513F2} - <orphaned> . INFO: x64-HKLM has more than 50 listed domains. If you wish to scan all of them, select the 'Force scan all domains' option. . x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned> x64-SSODL: WebCheck - <orphaned> x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll Hosts: 127.0.0.1 Spywareinfo.com Hosts: 0.0.0.0 choice.microsoft.com Hosts: 0.0.0.0 choice.microsoft.com.nstac.net Hosts: 0.0.0.0 df.telemetry.microsoft.com Hosts: 0.0.0.0 oca.telemetry.microsoft.com . Note: multiple HOSTS entries found. Please refer to Attach.txt . ================= FIREFOX =================== . FF - ProfilePath - C:\Users\ingylad99\AppData\Roaming\Mozilla\Firefox\Profiles\0266uzwq.default-1428953881859\ FF - prefs.js: browser.search.selectedEngine - AVG Secure Search FF - prefs.js: browser.startup.homepage - hxxps://www.google.co.uk/ FF - plugin: C:\Program Files\Java\jre1.8.0_191\bin\dtplugin\npdeployJava1.dll FF - plugin: C:\Program Files\Java\jre1.8.0_191\bin\plugin2\npjp2.dll FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll FF - plugin: c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll FF - plugin: C:\WINDOWS\System32\Macromed\Flash\NPSWF64_32_0_0_101.dll . ============= SERVICES / DRIVERS =============== . R0 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2013-4-4 79528] R0 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2013-4-4 26280] R0 aswbidsh;aswbidsh;C:\WINDOWS\System32\drivers\aswbidsha.sys [2017-3-16 201768] R0 aswblog;aswblog;C:\WINDOWS\System32\drivers\aswbloga.sys [2017-3-16 346592] R0 aswbuniv;aswbuniv;C:\WINDOWS\System32\drivers\aswbuniva.sys [2017-3-16 59496] R0 aswElam;aswElam;C:\WINDOWS\System32\drivers\aswElam.sys [2018-6-25 15360] R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\drivers\aswRvrt.sys [2015-10-10 87432] R0 aswVmm;aswVmm;C:\WINDOWS\System32\drivers\aswVmm.sys [2015-10-10 380464] R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192] R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272] R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896] R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288] R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-29 72768] R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472] R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816] R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424] R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464] R1 aswArPot;aswArPot;C:\WINDOWS\System32\drivers\aswArPot.sys [2017-11-20 201240] R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2017-3-16 230344] R1 aswHdsKe;aswHdsKe;C:\WINDOWS\System32\drivers\aswHdsKe.sys [2018-1-10 239840] R1 aswKbd;aswKbd;C:\WINDOWS\System32\drivers\aswKbd.sys [2018-11-1 42288] R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2015-10-10 1028680] R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2015-10-10 469272] R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320] R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2013-4-8 91712] R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808] R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192] R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-16 255472] R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-11-4 351944] R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616] R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2015-10-10 163208] R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2015-10-10 208472] R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-12-6 324000] R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] R2 CDPUserSvc_44504;CDPUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-7-29 414720] R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288] R2 CyberLink PowerDVD 10 MS Monitor Service;CyberLink PowerDVD 10 MS Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSMonitorService.exe [2013-3-11 74712] R2 CyberLink PowerDVD 10 MS Service;CyberLink PowerDVD 10 MS Service;C:\Program Files (x86)\CyberLink\PowerDVD10\Device\MediaServer\CLMSServer.exe [2013-3-11 316376] R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2018-11-28 51024] R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-10-3 6347056] R2 OneSyncSvc_44504;OneSyncSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] R2 osrss;Windows 10 Update Facilitation Service;C:\WINDOWS\System32\svchost.exe -k osrss [2018-4-11 51288] R2 PlexUpdateService;Plex Update Service;C:\Program Files (x86)\Plex\Plex Media Server\Plex Update Service.exe [2018-7-18 2232296] R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-4-8 386344] R2 SDScannerService;Spybot-S&D 2 Scanner Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [2015-12-12 3892256] R2 SDUpdateService;Spybot-S&D 2 Updating Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [2015-12-12 3943664] R2 SDWSCService;Spybot-S&D 2 Security Center Service;C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [2018-11-17 233712] R2 SecurityHealthService;Windows Defender Security Centre Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-29 760888] R2 sedsvc;Windows Remediation Service;C:\Program Files\rempl\sedsvc.exe [2018-12-2 326336] R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336] R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432] R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960] R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R2 WpnUserService_44504;WpnUserService_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-12-6 8188768] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-8-31 102912] R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288] R3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288] R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-12-8 260480] R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992] R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160] R3 RtlWlanu_OldIC;Realtek Wireless LAN 802.11n USB 2.0 Network Adapter;C:\WINDOWS\System32\drivers\rtwlanu_oldIC.sys [2018-4-11 3814400] R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2013-4-4 57000] R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192] S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-6-20 143144] S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288] S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480] S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520] S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-11-21 40720] S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432] S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288] S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288] S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2015-10-10 46384] S3 AvastWscReporter;AvastWscReporter;C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-12-6 57504] S3 BcastDVRUserService_44504;BcastDVRUserService_44504;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288] S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728] S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056] S3 BluetoothUserService_44504;BluetoothUserService_44504;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288] S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288] S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304] S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936] S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320] S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392] S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432] S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952] S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-6-20 143144] S3 DevicePickerUserSvc_44504;DevicePickerUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288] S3 DevicesFlowUserSvc_44504;DevicesFlowUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288] S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984] S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624] S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288] S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288] S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992] S3 GoogleChromeElevationService;Google Chrome Elevation Service;C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.80\elevation_service.exe [2018-12-4 375776] S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288] S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592] S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136] S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864] S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648] S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360] S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576] S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520] S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592] S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128] S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152] S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144] S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232] S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912] S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256] S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816] S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312] S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408] S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288] S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240] S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736] S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160] S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328] S3 MessagingService_44504;MessagingService_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648] S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952] S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104] S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632] S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448] S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776] S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848] S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 PimIndexMaintenanceSvc_44504;PimIndexMaintenanceSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896] S3 PrintWorkflowUserSvc_44504;PrintWorkflowUserSvc_44504;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288] S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840] S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-29 1921944] S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-29 945568] S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288] S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448] S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288] S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920] S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176] S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344] S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528] S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288] S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752] S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-7-29 976384] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288] S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-7-29 105368] S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-29 48544] S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616] S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512] S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576] S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856] S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056] S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-7-29 29600] S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008] S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200] S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288] S3 UnistoreSvc_44504;UnistoreSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088] S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992] S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064] S3 UserDataSvc_44504;UserDataSvc_44504;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288] S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-11-13 36352] S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240] S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288] S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288] S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288] S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288] S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944] S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-11-13 787456] S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408] S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032] S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616] S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288] S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152] S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-11-13 228864] S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920] S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288] S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288] S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512] S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-29 295424] S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592] S4 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288] S4 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184] S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288] S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616] S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288] . =============== File Associations =============== . FileExt: .txt: soffice.StarWriterDocument.6="C:\Program Files (x86)\OpenOffice 4\program\swriter.exe" -o "%1" [UserChoice] . =============== Created Last 30 ================ . 2018-12-08 12:56:36 260480 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys 2018-12-08 09:52:59 -------- d-----w- C:\Users\ingylad99\AppData\Local\ESET 2018-12-06 07:38:06 5213184 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe 2018-11-28 13:09:04 51024 ----a-w- C:\WINDOWS\System32\DbxSvc.exe 2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys 2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys 2018-11-28 13:09:04 45752 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys 2018-11-13 20:16:52 835688 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2018-11-13 20:16:52 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2018-11-13 18:54:18 7520088 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll 2018-11-13 18:54:18 6570368 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll 2018-11-13 18:54:15 25855488 ----a-w- C:\WINDOWS\System32\edgehtml.dll 2018-11-13 18:54:13 23861760 ----a-w- C:\WINDOWS\System32\Hydrogen.dll 2018-11-13 18:54:06 4527776 ----a-w- C:\WINDOWS\System32\sppsvc.exe 2018-11-13 18:54:03 22015488 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll 2018-11-13 18:54:01 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll 2018-11-13 18:54:00 9089848 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe . ==================== Find3M ==================== . 2018-12-08 12:51:36 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin 2018-12-06 18:56:43 239840 ----a-w- C:\WINDOWS\System32\drivers\aswHdsKe.sys 2018-11-01 11:49:26 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe 2018-11-01 11:45:20 1376672 ----a-w- C:\WINDOWS\System32\ole32.dll 2018-11-01 11:45:04 1617320 ----a-w- C:\WINDOWS\System32\sppobjs.dll 2018-11-01 11:32:09 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll 2018-11-01 11:31:51 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll 2018-11-01 11:30:26 122368 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll 2018-11-01 11:30:15 29696 ----a-w- C:\WINDOWS\System32\msisip.dll 2018-11-01 11:29:05 73728 ----a-w- C:\WINDOWS\System32\SMSRouter.dll 2018-11-01 11:28:55 253952 ----a-w- C:\WINDOWS\System32\prnntfy.dll 2018-11-01 11:28:25 4491264 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe 2018-11-01 11:28:09 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys 2018-11-01 11:27:22 878592 ----a-w- C:\WINDOWS\System32\CPFilters.dll 2018-11-01 11:27:01 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll 2018-11-01 11:26:51 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll 2018-11-01 11:26:21 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll 2018-11-01 11:25:57 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe 2018-11-01 10:09:54 1027000 ----a-w- C:\WINDOWS\SysWow64\ole32.dll 2018-11-01 09:59:13 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll 2018-11-01 09:56:37 24576 ----a-w- C:\WINDOWS\SysWow64\msisip.dll 2018-11-01 09:56:03 226304 ----a-w- C:\WINDOWS\SysWow64\prnntfy.dll 2018-11-01 09:54:26 3397632 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe 2018-11-01 09:53:44 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll 2018-11-01 09:52:45 2892800 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys 2018-11-01 07:39:00 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe 2018-11-01 07:38:08 269336 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll 2018-11-01 07:37:57 272408 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll 2018-11-01 07:28:29 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe 2018-11-01 07:28:20 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe 2018-11-01 07:28:17 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll 2018-11-01 07:28:13 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe 2018-11-01 07:28:11 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys 2018-11-01 07:28:09 1062712 ----a-w- C:\WINDOWS\System32\SecConfig.efi 2018-11-01 07:27:52 491200 ----a-w- C:\WINDOWS\System32\mf.dll 2018-11-01 07:27:36 1017152 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll 2018-11-01 07:26:42 3180080 ----a-w- C:\WINDOWS\System32\d3d11.dll 2018-11-01 07:26:28 3291640 ----a-w- C:\WINDOWS\System32\combase.dll 2018-11-01 07:26:22 1363536 ----a-w- C:\WINDOWS\System32\WinTypes.dll 2018-11-01 07:26:01 7432120 ----a-w- C:\WINDOWS\System32\windows.storage.dll 2018-11-01 07:03:03 34816 ----a-w- C:\WINDOWS\System32\dusmtask.exe 2018-11-01 07:03:00 3397120 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2018-11-01 07:02:22 47104 ----a-w- C:\WINDOWS\System32\dusmapi.dll 2018-11-01 07:02:21 23552 ----a-w- C:\WINDOWS\System32\CSystemEventsBrokerClient.dll 2018-11-01 07:01:20 7057408 ----a-w- C:\WINDOWS\System32\mos.dll 2018-11-01 07:01:10 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll 2018-11-01 07:00:25 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll 2018-11-01 07:00:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe 2018-11-01 07:00:14 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll 2018-11-01 07:00:11 6031360 ----a-w- C:\WINDOWS\System32\d2d1.dll 2018-11-01 07:00:10 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll 2018-11-01 06:59:14 241152 ----a-w- C:\WINDOWS\System32\tetheringservice.dll 2018-11-01 06:59:09 107520 ----a-w- C:\WINDOWS\System32\dab.dll 2018-11-01 06:59:04 176128 ----a-w- C:\WINDOWS\System32\WPTaskScheduler.dll 2018-11-01 06:59:02 192000 ----a-w- C:\WINDOWS\System32\scrrun.dll 2018-11-01 06:59:00 322048 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe 2018-11-01 06:58:48 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll 2018-11-01 06:58:43 530432 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll 2018-11-01 06:58:43 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll 2018-11-01 06:58:42 149504 ----a-w- C:\WINDOWS\System32\dssvc.dll 2018-11-01 06:58:11 273408 ----a-w- C:\WINDOWS\System32\ubpm.dll 2018-11-01 06:58:10 4867072 ----a-w- C:\WINDOWS\System32\jscript9.dll 2018-11-01 06:58:03 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll 2018-11-01 06:57:53 835584 ----a-w- C:\WINDOWS\System32\PhoneService.dll 2018-11-01 06:57:47 356352 ----a-w- C:\WINDOWS\System32\dusmsvc.dll 2018-11-01 06:57:44 898560 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll 2018-11-01 06:57:42 2364928 ----a-w- C:\WINDOWS\System32\OpcServices.dll 2018-11-01 06:57:41 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll 2018-11-01 06:57:41 265728 ----a-w- C:\WINDOWS\System32\psmsrv.dll 2018-11-01 06:57:38 2825728 ----a-w- C:\WINDOWS\System32\MapGeocoder.dll 2018-11-01 06:57:27 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll 2018-11-01 06:57:19 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll 2018-11-01 06:57:16 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll 2018-11-01 06:57:14 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll 2018-11-01 06:57:04 281600 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll 2018-11-01 06:56:57 1768448 ----a-w- C:\WINDOWS\System32\audiosrv.dll 2018-11-01 06:56:53 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll 2018-11-01 06:56:33 506880 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll 2018-11-01 06:56:25 2929664 ----a-w- C:\WINDOWS\System32\xpsservices.dll 2018-11-01 06:56:19 1395200 ----a-w- C:\WINDOWS\System32\TokenBroker.dll 2018-11-01 06:55:23 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll 2018-11-01 06:55:15 684544 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll 2018-11-01 06:55:09 1058304 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe 2018-11-01 06:54:44 1225216 ----a-w- C:\WINDOWS\System32\MapsStore.dll 2018-11-01 06:54:41 916480 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.Web.Core.dll 2018-11-01 06:54:39 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll 2018-11-01 06:54:23 1023488 ----a-w- C:\WINDOWS\System32\ShareHost.dll 2018-11-01 06:54:21 1264640 ----a-w- C:\WINDOWS\System32\JpMapControl.dll 2018-11-01 06:54:13 606208 ----a-w- C:\WINDOWS\System32\updatehandlers.dll 2018-11-01 06:54:12 943616 ----a-w- C:\WINDOWS\System32\BingOnlineServices.dll 2018-11-01 06:54:11 1679360 ----a-w- C:\WINDOWS\System32\wwansvc.dll 2018-11-01 06:54:06 884736 ----a-w- C:\WINDOWS\System32\MapControlCore.dll 2018-11-01 06:54:03 895488 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll 2018-11-01 06:54:00 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll 2018-11-01 06:53:53 2248192 ----a-w- C:\WINDOWS\System32\wlidsvc.dll 2018-11-01 06:53:53 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll 2018-11-01 06:53:52 542208 ----a-w- C:\WINDOWS\System32\vbscript.dll 2018-11-01 06:53:51 1373696 ----a-w- C:\WINDOWS\System32\usocore.dll 2018-11-01 06:53:47 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll 2018-11-01 06:53:26 406528 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe . ============= FINISH: 13:17:37.93 ===============

Attached Files

attach.txt (12.3 KB)

↧

VWjWXCSoATEBQ trojan detected - Can not delete

December 9, 2018, 3:05 pm

≫ Next: Virus Problem, Please Help

≪ Previous: I think my PC is infected

Malwarebytes detected this trojan and deleted it. However after restarting computer the trojan is detected again. Virus program says that it is deleted again, then does a scan an and reports no infection. However, trojan has been detected again. Above procedure performed 3 times. I need help permanently deleting this infection. Thank you.

My Dell Computer is running Windows 10, I do not have install disc.

DDS.TXT:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by Ernie at 15:37:15 on 2018-12-09
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8109.4617 [GMT -7:00]
.
AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
svchost.exe
C:\WINDOWS\system32\DbxSvc.exe
C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\Explorer.EXE
C:\Program Files\Windows Media Player\wmpnetwk.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\WINDOWS\system32\igfxTray.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.35.76.0_x64__kzf8qxf38zg5c\SkypeApp.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\File Association Helper\FAHWindow.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Program Files\AVAST Software\Avast\AvastUI.exe
C:\Users\Ernie\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Browny02\BrYNSvc.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler.exe
C:\Program Files (x86)\AVAST Software\Browser\Update\1.4.136.333\AvastBrowserCrashHandler64.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe
c:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\pcdrwi.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
C:\Program Files (x86)\Dell Backup and Recovery\sftservice.exe
C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe
C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
C:\Program Files (x86)\Dell Backup and Recovery\TOASTER.EXE
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Dell Backup and Recovery\Components\Shell\DBRSync.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Windows\System32\Macromed\Flash\FlashUtil_ActiveX.exe
svchost.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k bcastdvruserservice -s BcastDVRUserService
C:\WINDOWS\system32\SearchProtocolHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\WINDOWS\system32\compattelrunner.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\backgroundTaskHost.exe
svchost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/
uSearch Bar = Preserve
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [49970B42564150BDCC41BBA61336D91435261BB6._service_run] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --type=service /prefetch:8
uRun: [OneDrive] "C:\Users\Ernie\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [SansaDispatch] C:\Users\Ernie\AppData\Roaming\SanDisk\Sansa Updater\SansaDispatch.exe
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
uRun: [AvastBrowserAutoLaunch_67950D4370B0FBD7974EA65F32997878] "C:\Program Files (x86)\AVAST Software\Browser\Application\AvastBrowser.exe" --check-run=src=logon --auto-launch-at-startup --profile-directory="Default" --restore-last-session
mRun: [SwitchBoard] C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
mRun: [AdobeCS6ServiceManager] "C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe" -launchedbylogin
mRun: [ControlCenter4] C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe /autorun
mRun: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [Wondershare Helper Compact.exe] C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
dRun: [GarminExpress] "C:\Program Files (x86)\Garmin\Express\express.exe" /minimized
StartupFolder: C:\Users\Ernie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\EOSUTI~1.LNK - C:\Program Files (x86)\Canon\EOS Utility\EOS Utility.exe
StartupFolder: C:\Users\Ernie\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files (x86)\Microsoft Office\Office15\ONENOTEM.EXE
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\AUDIBL~1.LNK - C:\Program Files (x86)\Audible\Bin\AudibleDownloadHelper.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\IMAGEB~1.LNK - C:\Program Files (x86)\Canon\ImageBrowser EX\MFManager.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: SoftwareSASGeneration = dword:1
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12
TCP: Interfaces\{f95db78b-50ec-40c2-9a32-7bfe08cd847b} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
mASetup: {30C521FB-255B-46C8-9F0D-EE5AE371C9AA} - "C:\Program Files (x86)\AVAST Software\Browser\Application\70.0.917.102\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = about:blank
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4P1
x64-Run: [IgfxTray] "C:\WINDOWS\System32\igfxtray.exe"
x64-Run: [RtHDVBg_PushButton] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /IM
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [FAHConsole] C:\Program Files\File Association Helper\FAHConsole.exe
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: SoftwareSASGeneration = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: GoToAssist - C:\Program Files (x86)\Citrix\GoToAssist\957\G2AWinLogon_x64.dll
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 aswbidsh;aswbidsh;C:\WINDOWS\System32\drivers\aswbidsha.sys [2018-7-27 201768]
R0 aswblog;aswblog;C:\WINDOWS\System32\drivers\aswbloga.sys [2018-7-27 346592]
R0 aswbuniv;aswbuniv;C:\WINDOWS\System32\drivers\aswbuniva.sys [2018-7-27 59496]
R0 aswElam;aswElam;C:\WINDOWS\System32\drivers\aswElam.sys [2018-7-6 15360]
R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\drivers\aswRvrt.sys [2018-7-27 87432]
R0 aswVmm;aswVmm;C:\WINDOWS\System32\drivers\aswVmm.sys [2018-7-27 381144]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-6-23 1455552]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-27 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 aswArPot;aswArPot;C:\WINDOWS\System32\drivers\aswArPot.sys [2018-7-27 201240]
R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2018-7-27 230344]
R1 aswHdsKe;aswHdsKe;C:\WINDOWS\System32\drivers\aswHdsKe.sys [2018-4-4 239840]
R1 aswKbd;aswKbd;C:\WINDOWS\System32\drivers\aswKbd.sys [2018-10-15 42288]
R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2018-7-27 1028680]
R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2018-7-27 467904]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2014-2-27 91712]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-7-5 83768]
R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2018-7-27 163208]
R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2018-7-27 208640]
R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2018-11-28 324000]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_31fb4;CDPUserSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-7-27 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2018-11-28 51024]
R2 DDVCollectorSvcApi;Dell Data Vault Service API;C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [2018-10-22 209392]
R2 DDVDataCollector;Dell Data Vault Collector;C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [2018-10-22 3347440]
R2 DDVRulesProcessor;Dell Data Vault Processor;C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [2018-10-22 218096]
R2 Dell Hardware Support;Dell Hardware Support;C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.6992.1382\DSAPI.exe [2018-11-7 1002816]
R2 DellDigitalDelivery;Dell Digital Delivery Service;C:\Program Files (x86)\Dell Digital Delivery\DeliveryService.exe [2014-1-14 198664]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-6-23 18856]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2017-3-13 382456]
R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2016-9-7 21216]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-6-24 223008]
R2 OneSyncSvc_31fb4;OneSyncSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 osrss;Windows 10 Update Facilitation Service;C:\WINDOWS\System32\svchost.exe -k osrss [2018-4-11 51288]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2015-8-4 312056]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-7-27 760888]
R2 SftService;SoftThinks Agent Service;C:\Program Files (x86)\Dell Backup and Recovery\SftService.exe [2016-1-5 2065808]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SupportAssistAgent;Dell SupportAssist;C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [2018-10-25 38872]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_31fb4;WpnUserService_31fb4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 WysePocketCloud;Wyse PocketCloud;C:\Program Files (x86)\Wyse\PocketCloud\PocketCloudService.exe [2013-8-22 16176]
R2 WyseRemoteAccess;Wyse RemoteAccess;C:\Program Files (x86)\Wyse\PocketCloud\WyseRemoteAccess.exe [2013-8-19 1785344]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2018-11-28 8188768]
R3 BcastDVRUserService_31fb4;BcastDVRUserService_31fb4;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
R3 BrYNSvc;BrYNSvc;C:\Program Files (x86)\Browny02\BrYNSvc.exe [2017-1-5 266240]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 DDDriver;DDDriver;C:\WINDOWS\System32\drivers\dddriver64Dcsa.sys [2018-10-20 36400]
R3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_31fb4;PimIndexMaintenanceSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2014-2-27 263896]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2016-12-15 896752]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-7-27 29600]
R3 UnistoreSvc_31fb4;UnistoreSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_31fb4;UserDataSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2018-4-11 25088]
R4 NetfilterSvc;NetfilterSvc;C:\Windows\iNetfilterSvc [2018-12-9 70152]
S2 avast;%1!s! Update Service (avast);C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-5-29 164984]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-1-5 143144]
S2 DellDataVault;Dell Data Vault;C:\Program Files\Dell\DellDataVault\DellDataVault.exe [2016-6-23 2572024]
S2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2018-7-27 46384]
S3 avastm;%1!s! Update Service (avastm);C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [2018-5-29 164984]
S3 AvastWscReporter;AvastWscReporter;C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2018-11-28 57504]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_31fb4;BluetoothUserService_31fb4;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2018-1-5 143144]
S3 DellProf;DellProf;C:\WINDOWS\System32\drivers\DellProf.sys [2018-5-8 41208]
S3 DevicePickerUserSvc_31fb4;DevicePickerUserSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_31fb4;DevicesFlowUserSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-17 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\WINDOWS\System32\drivers\intelaud.sys [2014-9-18 42288]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_31fb4;MessagingService_31fb4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_31fb4;PrintWorkflowUserSvc_31fb4;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-27 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-27 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-17 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-7-27 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-7-27 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-27 48544]
S3 SwitchBoard;SwitchBoard;C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe [2010-2-19 517096]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-11-5 54784]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-11-27 36352]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-17 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-11-27 787456]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-11-27 228864]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-27 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 sedsvc;Windows Remediation Service;C:\Program Files\rempl\sedsvc.exe [2018-11-8 322712]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-12-09 22:04:30 -------- d-----w- C:\WINDOWS\SSL
2018-12-09 22:04:29 70152 ----a-w- C:\WINDOWS\iNetfilterSvc
2018-12-09 22:04:29 -------- d-----w- C:\WINDOWS\nss
2018-11-28 20:52:00 -------- d-----w- C:\Users\Ernie\AppData\Local\mbam
2018-11-28 20:51:19 -------- d-----w- C:\Users\Ernie\AppData\Local\mbamtray
2018-11-28 16:25:11 -------- d-----w- C:\Users\Ernie\AppData\Local\D3DSCache
2018-11-28 16:20:21 -------- d-----w- C:\ProgramData\itranslator
2018-11-28 13:09:04 51024 ----a-w- C:\WINDOWS\System32\DbxSvc.exe
2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys
2018-11-28 13:09:04 47792 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys
2018-11-28 13:09:04 45752 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys
2018-11-27 15:40:59 13873664 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
.
==================== Find3M ====================
.
2018-12-09 22:05:50 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-11-28 16:37:29 239840 ----a-w- C:\WINDOWS\System32\drivers\aswHdsKe.sys
2018-11-28 16:25:31 87432 ----a-w- C:\WINDOWS\System32\drivers\aswRvrt.sys
2018-11-28 16:25:30 46384 ----a-w- C:\WINDOWS\System32\drivers\aswHwid.sys
2018-11-28 16:25:30 201240 ----a-w- C:\WINDOWS\System32\drivers\aswArPot.sys
2018-11-28 16:25:30 163208 ----a-w- C:\WINDOWS\System32\drivers\aswMonFlt.sys
2018-11-28 16:25:29 111800 ----a-w- C:\WINDOWS\System32\drivers\aswRdr2.sys
2018-11-28 16:24:44 42288 ----a-w- C:\WINDOWS\System32\drivers\aswKbd.sys
2018-11-28 16:24:29 1028680 ----a-w- C:\WINDOWS\System32\drivers\aswSnx.sys
2018-11-28 16:24:16 59496 ----a-w- C:\WINDOWS\System32\drivers\aswbuniva.sys
2018-11-28 16:24:16 346592 ----a-w- C:\WINDOWS\System32\drivers\aswbloga.sys
2018-11-28 16:24:15 230344 ----a-w- C:\WINDOWS\System32\drivers\aswbidsdrivera.sys
2018-11-28 16:24:15 201768 ----a-w- C:\WINDOWS\System32\drivers\aswbidsha.sys
2018-11-16 23:00:55 834960 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-11-16 23:00:55 179600 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-11-01 11:49:26 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-11-01 11:45:21 4527776 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-11-01 11:45:20 1376672 ----a-w- C:\WINDOWS\System32\ole32.dll
2018-11-01 11:45:04 1617320 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2018-11-01 11:32:09 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-11-01 11:31:51 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-11-01 11:30:26 122368 ----a-w- C:\WINDOWS\System32\musdialoghandlers.dll
2018-11-01 11:30:15 29696 ----a-w- C:\WINDOWS\System32\msisip.dll
2018-11-01 11:29:05 73728 ----a-w- C:\WINDOWS\System32\SMSRouter.dll
2018-11-01 11:28:55 253952 ----a-w- C:\WINDOWS\System32\prnntfy.dll
2018-11-01 11:28:25 4491264 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe
2018-11-01 11:28:09 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-11-01 11:27:22 878592 ----a-w- C:\WINDOWS\System32\CPFilters.dll
2018-11-01 11:27:01 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-11-01 11:26:51 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-11-01 11:26:21 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-11-01 11:25:57 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-11-01 10:09:54 1027000 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2018-11-01 09:59:13 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-11-01 09:56:37 24576 ----a-w- C:\WINDOWS\SysWow64\msisip.dll
2018-11-01 09:56:03 226304 ----a-w- C:\WINDOWS\SysWow64\prnntfy.dll
2018-11-01 09:54:26 3397632 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe
2018-11-01 09:53:44 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll
2018-11-01 09:52:45 2892800 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-11-01 09:15:23 23861760 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-11-01 09:13:39 19525120 ----a-w- C:\WINDOWS\System32\HologramCompositor.dll
2018-11-01 07:39:00 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-11-01 07:38:08 269336 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-11-01 07:37:57 272408 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-11-01 07:28:29 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-11-01 07:28:20 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-11-01 07:28:17 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-11-01 07:28:13 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-11-01 07:28:11 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-11-01 07:28:09 1062712 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-11-01 07:27:52 491200 ----a-w- C:\WINDOWS\System32\mf.dll
2018-11-01 07:27:36 1017152 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll
2018-11-01 07:26:42 3180080 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-11-01 07:26:28 3291640 ----a-w- C:\WINDOWS\System32\combase.dll
2018-11-01 07:26:22 1363536 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2018-11-01 07:26:01 7432120 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-11-01 07:09:59 25855488 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-11-01 07:03:03 34816 ----a-w- C:\WINDOWS\System32\dusmtask.exe
2018-11-01 07:03:00 3397120 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-11-01 07:02:22 47104 ----a-w- C:\WINDOWS\System32\dusmapi.dll
2018-11-01 07:02:21 23552 ----a-w- C:\WINDOWS\System32\CSystemEventsBrokerClient.dll
2018-11-01 07:01:20 7057408 ----a-w- C:\WINDOWS\System32\mos.dll
2018-11-01 07:01:10 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2018-11-01 07:00:25 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-11-01 07:00:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
2018-11-01 07:00:14 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-11-01 07:00:11 6031360 ----a-w- C:\WINDOWS\System32\d2d1.dll
2018-11-01 07:00:10 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-11-01 06:59:14 241152 ----a-w- C:\WINDOWS\System32\tetheringservice.dll
2018-11-01 06:59:09 107520 ----a-w- C:\WINDOWS\System32\dab.dll
2018-11-01 06:59:04 176128 ----a-w- C:\WINDOWS\System32\WPTaskScheduler.dll
2018-11-01 06:59:02 192000 ----a-w- C:\WINDOWS\System32\scrrun.dll
2018-11-01 06:59:00 322048 ----a-w- C:\WINDOWS\System32\MusNotificationUx.exe
2018-11-01 06:58:48 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-11-01 06:58:43 530432 ----a-w- C:\WINDOWS\System32\MapConfiguration.dll
2018-11-01 06:58:43 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-11-01 06:58:42 149504 ----a-w- C:\WINDOWS\System32\dssvc.dll
2018-11-01 06:58:11 273408 ----a-w- C:\WINDOWS\System32\ubpm.dll
2018-11-01 06:58:10 4867072 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-11-01 06:58:03 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-11-01 06:57:53 835584 ----a-w- C:\WINDOWS\System32\PhoneService.dll
2018-11-01 06:57:47 356352 ----a-w- C:\WINDOWS\System32\dusmsvc.dll
2018-11-01 06:57:44 898560 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll
2018-11-01 06:57:42 2364928 ----a-w- C:\WINDOWS\System32\OpcServices.dll
2018-11-01 06:57:41 3381248 ----a-w- C:\WINDOWS\System32\MapRouter.dll
2018-11-01 06:57:41 265728 ----a-w- C:\WINDOWS\System32\psmsrv.dll
2018-11-01 06:57:38 2825728 ----a-w- C:\WINDOWS\System32\MapGeocoder.dll
2018-11-01 06:57:27 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-11-01 06:57:19 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-11-01 06:57:16 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-11-01 06:57:14 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-11-01 06:57:04 281600 ----a-w- C:\WINDOWS\System32\SystemEventsBrokerServer.dll
2018-11-01 06:56:57 1768448 ----a-w- C:\WINDOWS\System32\audiosrv.dll
2018-11-01 06:56:53 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-11-01 06:56:33 506880 ----a-w- C:\WINDOWS\System32\netprofmsvc.dll
2018-11-01 06:56:25 2929664 ----a-w- C:\WINDOWS\System32\xpsservices.dll
2018-11-01 06:56:19 1395200 ----a-w- C:\WINDOWS\System32\TokenBroker.dll
2018-11-01 06:55:23 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-11-01 06:55:15 684544 ----a-w- C:\WINDOWS\System32\AudioEndpointBuilder.dll
2018-11-01 06:55:09 1058304 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe
.
============= FINISH: 15:38:06.76 ===============

Attached Files

attach.txt (11.9 KB)

↧

Virus Problem, Please Help

December 13, 2018, 12:07 am

≫ Next: Need help cleaning my PC

≪ Previous: VWjWXCSoATEBQ trojan detected - Can not delete

hello, my computer is acting up (slower than a snail and sometimes, when I click on a program to open it, the whole screen turns almost white), aside from that, people who go to my blog say that they are redirected to page containing the words widgetserver.com. My visitors are complaining that they cannot pass from that page, so I need help. I do not know enough to get rid of a redirect virus on my own. Your assistance will be greatly appreciated.

I have run dds and am enclosing the log.

Thank you so very much!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19203
Run by Clotilde at 0:52:19 on 2018-12-13
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6072.1174 [GMT -7:00]
.
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security *Enabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
SP: ESET Security *Enabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall *Enabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\ESET\ESET Security\ekrn.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\esif_uf.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\TEMP\DPTF\esif_assist.exe
C:\Program Files (x86)\NETGEAR\A6100\A6100.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\ESET\ESET Security\egui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Anvsoft\Syncios\androidnotifier.exe
C:\Program Files (x86)\Anvsoft\Syncios\adb.exe
C:\Program Files (x86)\Microsoft Picture It! 7\Pip.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\paint.net\PaintDotNet.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
C:\Program Files (x86)\IrfanView\i_view32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://hp13.msn.com
mStart Page = about:blank
mDefault_Page_URL = hxxp://hp13.msn.com
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
uRun: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Microsoft Works Update Detection] C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [Syncios device service] C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{C448E5AE-83C5-40EF-9876-08D07D2201C8} : DHCPNameServer = 192.168.254.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Program Files (x86)\KEYCRY~1\KEYCRY~3.DLL
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
mASetup: {48F69C39-1356-4A7B-A899-70E3539D4982} - "C:\Program Files (x86)\AVG\Browser\Application\70.1.682.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [ZAM] "C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized
x64-Run: [egui] "C:\Program Files\ESET\ESET Security\ecmds.exe" /launch /hide
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Hosts: 127.0.0.1 Spywareinfo.com
Hosts: 0.0.0.1 mssplus.mcafee.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Clotilde\AppData\Roaming\Mozilla\Firefox\Profiles\ph5zoyns.default-1539581929115\
FF - plugin: C:\Program Files\VideoLAN\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 edevmon;edevmon;C:\Windows\System32\drivers\edevmon.sys [2018-11-29 107896]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-10-9 1398936]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-10-9 30360]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-5-18 22800]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\drivers\CLVirtualDrive.sys [2015-7-31 91912]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2018-11-29 143448]
R1 EpfwLWF;ESET Firewall;C:\Windows\System32\drivers\EpfwLWF.sys [2018-10-17 61528]
R1 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2018-10-17 109864]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Windows\System32\drivers\mbae64.sys [2018-10-6 152688]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 ZAM;ZAM Helper Driver;C:\Windows\System32\drivers\zam64.sys [2018-12-7 203680]
R1 ZAM_Guard;ZAM Guard Driver;C:\Windows\System32\drivers\zamguard64.sys [2018-12-7 203680]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-7-5 83768]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2014-12-4 1206648]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2014-10-28 1710456]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2014-10-28 1165688]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-3-26 107592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-3-26 128584]
R2 DbxSvc;DbxSvc;C:\Windows\System32\DbxSvc.exe [2018-11-28 51024]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 ekbdflt;ekbdflt;C:\Windows\System32\drivers\ekbdflt.sys [2018-10-17 50144]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Security\ekrn.exe [2018-11-29 2302160]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\SysWOW64\esif_uf.exe [2015-7-31 1037568]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2014-8-21 99128]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2015-1-27 44680]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2014-6-9 35640]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-9 18584]
R2 iBtSiva;Intel Bluetooth Service;C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-10-28 124520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2015-5-18 344168]
R2 IntelUSBoverIP;IntelUSBoverIP;C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [2015-1-14 395744]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 158496]
R2 MBAMChameleon;MBAMChameleon;C:\Windows\System32\drivers\MbamChameleon.sys [2018-12-13 198512]
R3 A6100;NETGEAR A6100 WiFi Adapter;C:\Windows\System32\drivers\A6100.sys [2018-1-15 7694920]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2015-7-31 41704]
R3 dptf_cpu;dptf_cpu;C:\Windows\System32\drivers\dptf_cpu.sys [2015-7-31 38720]
R3 ekrnEpfw;ESET Firewall Helper;C:\Program Files\ESET\ESET Security\ekrn.exe [2018-11-29 2302160]
R3 esif_lf;esif_lf;C:\Windows\System32\drivers\esif_lf.sys [2015-7-31 216360]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-5-18 387344]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-5-18 797456]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2015-1-14 27000]
R3 keycrypt;keycrypt;C:\Windows\System32\drivers\KeyCrypt64.sys [2018-12-7 161408]
R3 MBAMFarflt;MBAMFarflt;C:\Windows\System32\drivers\farflt.sys [2018-12-13 126624]
R3 MBAMProtection;MBAMProtection;C:\Windows\System32\drivers\mbam.sys [2018-12-13 72536]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\mbamswissarmy.sys [2018-12-13 261032]
R3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2018-12-13 103760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-7-31 977624]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2015-2-13 33448]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2015-1-14 212056]
S2 avast;%1!s! Update Service (avast);"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [?]
S2 avg;%1!s! Update Service (avg);C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-10-4 165520]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-8-19 143144]
S3 aftap0901;AnchorFree TAP-Windows Adapter V9;C:\Windows\System32\drivers\aftap0901.sys [2018-3-6 48624]
S3 avastm;%1!s! Update Service (avastm);"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [?]
S3 avgm;%1!s! Update Service (avgm);C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-10-4 165520]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2014-10-28 141624]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2014-11-26 1448248]
S3 btmlehid;Intel Bluetooth Low Energy HID Service;C:\Windows\System32\drivers\btmlehid.sys [2014-11-5 83768]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-8-19 143144]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2016-8-16 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\Windows\System32\drivers\ibtusb.sys [2014-10-28 230128]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-12-11 116224]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2015-1-14 38264]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2015-5-18 455440]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-5-13 887256]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-5-14 19456]
S3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2015-7-31 781528]
S3 RTSUER;Realtek USB Card Reader - UER;C:\Windows\System32\drivers\RtsUer.sys [2015-7-31 377048]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-2-13 33448]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2015-5-14 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-5-14 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-5-14 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
.
=============== Created Last 30 ================
.
2018-12-13 07:40:22 72536 ----a-w- C:\Windows\System32\drivers\mbam.sys
2018-12-13 07:40:07 198512 ----a-w- C:\Windows\System32\drivers\MbamChameleon.sys
2018-12-13 07:40:03 261032 ----a-w- C:\Windows\System32\drivers\mbamswissarmy.sys
2018-12-13 07:40:03 126624 ----a-w- C:\Windows\System32\drivers\farflt.sys
2018-12-13 07:40:02 103760 ----a-w- C:\Windows\System32\drivers\mwac.sys
2018-12-12 12:06:00 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2736.dll
2018-12-12 10:44:32 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2716.dll
2018-12-11 11:06:03 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2656.dll
2018-12-10 01:24:13 14845712 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\mpengine.dll
2018-12-07 10:23:14 203680 ----a-w- C:\Windows\System32\drivers\zam64.sys
2018-12-07 10:23:12 203680 ----a-w- C:\Windows\System32\drivers\zamguard64.sys
2018-12-07 10:22:51 161408 ----a-w- C:\Windows\System32\drivers\KeyCrypt64.sys
2018-12-07 10:22:44 -------- d-----w- C:\Program Files (x86)\KeyCryptSDK
2018-12-07 10:22:42 -------- d-----w- C:\Program Files (x86)\Zemana AntiLogger
2018-12-07 10:22:22 -------- d-----w- C:\Users\Clotilde\AppData\Local\Zemana
2018-12-07 06:37:59 51712 ----a-w- C:\Windows\System32\vmictimeprovider.dll
2018-12-07 06:36:55 634272 ----a-w- C:\Windows\System32\winload.exe
2018-12-04 19:50:22 255472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2018-12-02 06:21:47 334488 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2018-11-29 17:54:40 143448 ----a-w- C:\Windows\System32\drivers\eamonm.sys
2018-11-29 17:54:40 107896 ----a-w- C:\Windows\System32\drivers\edevmon.sys
2018-11-28 13:09:04 51024 ----a-w- C:\Windows\System32\DbxSvc.exe
2018-11-28 13:09:04 47792 ----a-w- C:\Windows\System32\drivers\dbx-dev.sys
2018-11-28 13:09:04 47792 ----a-w- C:\Windows\System32\drivers\dbx-canary.sys
2018-11-28 13:09:04 45752 ----a-w- C:\Windows\System32\drivers\dbx-stable.sys
2018-11-18 10:08:21 -------- d-----w- C:\NPE
.
==================== Find3M ====================
.
2018-12-13 07:38:15 152688 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2018-12-06 03:48:46 842240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2018-12-06 03:48:46 175104 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2018-12-06 02:39:38 3227648 ----a-w- C:\Windows\System32\win32k.sys
2018-11-28 22:02:47 12574720 ----a-w- C:\Windows\System32\wmploc.DLL
2018-11-28 22:02:45 5632 ----a-w- C:\Windows\System32\msdxm.ocx
2018-11-28 22:02:45 5632 ----a-w- C:\Windows\System32\dxmasf.dll
2018-11-28 22:02:44 9728 ----a-w- C:\Windows\System32\spwmp.dll
2018-11-28 21:50:18 12574208 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2018-11-28 21:38:21 4608 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2018-11-28 21:38:21 4608 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2018-11-28 21:38:20 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2018-11-27 01:33:44 592416 ------w- C:\Windows\System32\MpSigStub.exe
2018-11-15 01:51:22 498176 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-11-15 01:50:24 576512 ----a-w- C:\Windows\System32\vbscript.dll
2018-11-13 04:54:41 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-11-13 04:54:28 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-11-13 04:41:00 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-11-13 04:40:17 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-11-13 04:40:11 417280 ----a-w- C:\Windows\System32\html.iec
2018-11-13 04:39:43 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-11-13 04:35:33 5778944 ----a-w- C:\Windows\System32\jscript9.dll
2018-11-13 04:28:52 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-11-13 04:28:51 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-11-13 04:28:31 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-11-13 04:26:14 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-11-13 04:21:22 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-11-13 04:13:57 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-11-13 04:13:15 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-11-13 04:13:04 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-11-13 04:12:13 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-11-13 04:11:39 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-11-13 04:11:17 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-11-13 04:03:59 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-11-13 04:03:36 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-11-13 03:51:15 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-11-13 03:50:50 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-11-13 03:50:06 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-11-13 03:49:59 2136064 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-11-13 03:42:08 4494848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-11-13 03:38:33 4859904 ----a-w- C:\Windows\System32\wininet.dll
2018-11-13 03:37:22 2059776 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-11-13 03:36:42 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-11-13 03:18:56 4386816 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-11-11 17:19:16 631680 ----a-w- C:\Windows\System32\winresume.efi
2018-11-11 17:01:37 708328 ----a-w- C:\Windows\System32\winload.efi
2018-11-11 17:01:36 366824 ----a-w- C:\Windows\System32\drivers\msrpc.sys
2018-11-11 17:01:35 5551848 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-11-11 17:01:15 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-11-11 17:01:04 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-11-11 17:00:27 1664360 ----a-w- C:\Windows\System32\ntdll.dll
2018-11-11 16:57:40 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2018-11-11 16:49:44 4054760 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-11-11 16:49:09 3960040 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-11-11 16:47:23 1314104 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-11-11 16:44:39 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2018-11-11 16:25:14 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-11-11 16:25:10 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-11-11 16:25:10 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-11-11 16:24:20 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-11-11 16:20:50 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-11-11 16:20:16 129024 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-11-11 16:19:49 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-11-11 16:19:32 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-11-11 16:16:39 160768 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-11-11 16:16:08 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-11-11 16:16:06 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-11-11 16:15:11 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-11-11 16:15:08 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-11-11 16:15:07 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-11-11 16:15:07 112640 ----a-w- C:\Windows\System32\smss.exe
2018-11-11 16:15:06 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-11-11 16:15:06 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-11-11 16:15:05 64512 ----a-w- C:\Windows\System32\drivers\amdk8.sys
2018-11-11 16:15:05 62464 ----a-w- C:\Windows\System32\drivers\intelppm.sys
2018-11-11 16:15:05 60928 ----a-w- C:\Windows\System32\drivers\processr.sys
2018-11-11 16:15:05 60928 ----a-w- C:\Windows\System32\drivers\amdppm.sys
2018-11-11 16:14:04 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-11-11 16:13:55 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-11-11 16:13:55 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-11 16:13:55 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-11 16:13:55 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-11-11 01:25:57 516608 ----a-w- C:\Windows\System32\rpcss.dll
2018-11-11 01:25:52 26112 ----a-w- C:\Windows\System32\oleres.dll
2018-11-11 01:25:52 2072576 ----a-w- C:\Windows\System32\ole32.dll
2018-11-11 01:24:56 8704 ----a-w- C:\Windows\System32\comcat.dll
2018-11-11 01:10:52 26112 ----a-w- C:\Windows\SysWow64\oleres.dll
2018-11-11 01:10:51 1425920 ----a-w- C:\Windows\SysWow64\ole32.dll
2018-11-11 00:47:49 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2018-11-08 16:58:35 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2018-11-08 16:58:35 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2018-11-08 16:58:35 2009600 ----a-w- C:\Windows\System32\msxml6.dll
2018-11-08 16:58:35 1889280 ----a-w- C:\Windows\System32\msxml3.dll
2018-11-08 16:43:47 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2018-11-08 16:43:47 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2018-11-08 16:43:47 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
2018-11-08 16:43:47 1241088 ----a-w- C:\Windows\SysWow64\msxml3.dll
2018-11-06 04:36:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2018-11-06 04:20:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2018-10-27 03:42:17 28160 ----a-w- C:\Windows\System32\wshcon.dll
.
============= FINISH: 0:55:40.05 ===============

↧

Need help cleaning my PC

December 19, 2018, 12:08 am

≫ Next: Malware Help

≪ Previous: Virus Problem, Please Help

Ok, so my daughter downloaded something on the family's pc just last night. Now all of a sudden I've got dozens of windows opening by themselves. They all open under Google Chrome but look more like an error window. Blank title bar but the message that appears is "1111" and the only option is 'OK'. I couldn't uninstall Chrome until I closed all the windows but whenever I click the X in the corner of the box, another two or three would appear. Since they open in individual windows, I have to close them one by one using task manager but another one appears every 5-10 seconds. I finally managed to uninstall it after a few tries.

Now my current problem is that I ran both a full scan using Windows Defender (which my daughter turned off to be able to bypass the firewall for what she downloaded, a program for a game of some sort) and Malwarebytes. The first time I did, it came back with dozens of threats listed as PUPs, malware, and Trojans. After quarantining and removing them all, as well as restarting the pc, I ran another scan and came back with nearly double the number of threats, whereas there were zero threats a few days ago.

I'm no computer expert, nor do I know any, and I don't trust the 'experts' in the shops in the city enough to trust they won't plant or sabotage something that will make me come back a few days later just to pay them to fix again.

So yeah, I need help.

Thank you.

↧

Malware Help

January 2, 2019, 9:32 am

≫ Next: URGENT: Virus corrupted tonnes of files

≪ Previous: Need help cleaning my PC

Cleaning up my dad's computer. Here are the logs. He is getting a lot of random popups, both on browsers and outside of browsers. Google.com searches (Chrome browser) redirect to searchencrypt . com results. I will try to get the details of the popups when they come up again (it's at random) and will edit the post with that. I am not sure if I have access to a Windows Install disc or Boot CD, I will see if I can find that out. Thanks.

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by csore at 11:12:44 on 2019-01-02
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8109.3607 [GMT -6:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee VirusScan *Enabled/Updated* {8BCDACFA-D264-3528-5EF8-E94FD0BC1FBC}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: McAfee VirusScan *Enabled/Updated* {30AC4D1E-F45E-3AA6-6448-D23DAB3B5501}
FW: McAfee Firewall *Enabled* {B3F62DDF-980B-3470-75A7-407A2E6F58C7}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\DbxSvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
C:\WINDOWS\system32\ibtsiva.exe
C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHDCPSvc.exe
C:\WINDOWS\system32\Intel\DPTF\esif_uf.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\program files\common files\mcafee\modulecore\modulecoreservice.exe
C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHeciSvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k netsvcs
C:\windows\system32\mfevtps.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\windows\system32\mfevtps.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
C:\Program Files\Common Files\McAfee\VSCore_18_5\McApExe.exe
C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe
C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe
C:\WINDOWS\TEMP\DPTF\esif_assist_64.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\Program Files (x86)\HP\HP JumpStart Launch\HPJumpStartLaunch.exe
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxEM.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeApp.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
c:\program files\common files\mcafee\modulecore\ModuleCoreService.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Users\csore\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Google\Update\1.3.33.23\GoogleCrashHandler64.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files\rempl\sedsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.36.52.0_x64__kzf8qxf38zg5c\SkypeBridge\SkypeBridge.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\McAfee\MfeAV\MFEAvSvc.exe
C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.EXE
C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
C:\Program Files\Common Files\McAfee\Platform\mcuicnt.exe
C:\WINDOWS\system32\WLANExt.exe
C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k printworkflow -s PrintWorkflowUserSvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\vssvc.exe
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p -s DeviceInstall
C:\Windows\System32\smartscreen.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [OneDrive] "C:\Users\csore\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [HPMessageService] C:\Program Files (x86)\HP\HP System Event\HPMSGSVC.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: Interfaces\{4d1289db-704a-45e4-ad77-dee073d19d7e} : DHCPNameServer = 192.168.1.254
Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\mcafee\MSC\McSnIePl64.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;Intel(R) Chipset SATA/PCIe RST Premium Controller;C:\WINDOWS\System32\drivers\iaStorA.sys [2017-6-9 906240]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-12-12 58168]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2018-5-22 954784]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2018-5-22 252832]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-17 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_77f39;Connected Devices Platform User Service_77f39;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-15 414720]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-5-18 9646240]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 cplspcon;Intel(R) Content Protection HDCP Service;C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\IntelCpHDCPSvc.exe [2018-7-2 470128]
R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2018-12-12 51024]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 esifsvc;ESIF Upper Framework Service;C:\WINDOWS\System32\Intel\DPTF\esif_uf.exe [2017-2-8 2210936]
R2 HP Orbit Service;HP Orbit Service;C:\Program Files\HP\HP Orbit Service\HPOrbitService.exe [2017-6-20 3421616]
R2 HPJumpStartBridge;HP JumpStart Bridge;C:\Program Files (x86)\HP\HP JumpStart Bridge\HPJumpStartBridge.exe [2017-5-23 471040]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\HP\HP System Event\HPWMISVC.exe [2017-7-13 628768]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\DriverStore\FileRepository\ki126951.inf_amd64_94804e3918169543\igfxCUIService.exe [2018-7-2 406128]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2017-12-3 205968]
R2 McAPExe;McAfee AP Service;C:\Program Files\Common Files\McAfee\VSCore_18_5\mcapexe.exe [2018-8-1 728808]
R2 mccspsvc;McAfee CSP Service;C:\Program Files\Common Files\McAfee\CSP\2.9.175.0\McCSPServiceHost.exe [2018-4-6 2141912]
R2 mfemms;McAfee Service Controller;C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [2018-2-25 519120]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2018-5-22 473552]
R2 ModuleCoreService;McAfee Module Core Service;C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [2018-2-25 1689952]
R2 OneSyncSvc_77f39;Sync Host_77f39;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 PEFService;McAfee PEF Service;C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [2018-3-8 1047448]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2018-5-14 265672]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-15 760888]
R2 sedsvc;Windows Remediation Service;C:\Program Files\rempl\sedsvc.exe [2018-12-2 326336]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-12-12 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2018-5-14 351784]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_77f39;Windows Push Notifications User Service_77f39;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2018-5-22 77216]
R3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R3 dptf_cpu;dptf_cpu;C:\WINDOWS\System32\drivers\dptf_cpu.sys [2017-2-8 67976]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 esif_lf;esif_lf;C:\WINDOWS\System32\drivers\esif_lf.sys [2017-2-8 355208]
R3 hpqcaslwmiex;HP CASL Framework Service;C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-6-3 1031704]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2017-12-6 199192]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2018-7-2 820168]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 mfeaack;McAfee Inc. mfeaack;C:\WINDOWS\System32\drivers\mfeaack.sys [2018-5-22 497568]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2018-5-22 361888]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2018-5-22 533408]
R3 mfencbdc;McAfee LLC. mfencbdc;C:\WINDOWS\System32\drivers\mfencbdc.sys [2018-5-3 550288]
R3 mfeplk;McAfee Inc. mfeplk;C:\WINDOWS\System32\drivers\mfeplk.sys [2018-5-22 115616]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 Netwtw04;Intel(R) Wireless Adapter Driver for Windows 10 - 64 Bit;C:\WINDOWS\System32\drivers\Netwtw04.sys [2018-2-5 8623128]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_77f39;Contact Data_77f39;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 PrintWorkflowUserSvc_77f39;PrintWorkflow_77f39;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-5-14 1026896]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-9-1 46632]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-13 29600]
R3 UnistoreSvc_77f39;User Data Storage_77f39;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_77f39;User Data Access_77f39;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-12-12 83456]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-11-14 787456]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2018-2-2 35568]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2018-5-22 83952]
S2 0035731545724116mcinstcleanup;McAfee Application Installer Cleanup (0035731545724116);C:\WINDOWS\TEMP\003573~1.EXE -cleanup -nolog --> C:\WINDOWS\TEMP\003573~1.EXE -cleanup -nolog [?]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-5-18 143144]
S2 HP Comm Recover;HP Comm Recovery;C:\Program Files\HPCommRecovery\HPCommRecovery.exe [2017-5-18 1309184]
S2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2016-12-7 347512]
S2 Intel(R) TPM Provisioning Service;Intel(R) TPM Provisioning Service;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\TPMProvisioningService.exe [2018-3-2 719640]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 BcastDVRUserService_77f39;GameDVR and Broadcast User Service_77f39;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-12-12 92688]
S3 BluetoothUserService_77f39;Bluetooth User Support Service_77f39;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClientAnalyticsService;ClientAnalyticsService;C:\Program Files\Common Files\McAfee\ClientAnalytics\Legacy\McClientAnalytics.exe [2018-2-25 1508656]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-5-18 143144]
S3 DevicePickerUserSvc_77f39;DevicePicker_77f39;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_77f39;DevicesFlow_77f39;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-15 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GoogleChromeElevationService;Google Chrome Elevation Service;C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-12 443872]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HipShieldK;McAfee Inc. HipShieldK;C:\WINDOWS\System32\drivers\HipShieldK.sys [2018-5-22 226984]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IntcAudioBus;Intel(R) Smart Sound Technology (Intel(R) SST) Bus;C:\WINDOWS\System32\drivers\IntcAudioBus.sys [2018-8-24 268192]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\Intel(R) Management Engine Components\iCLS\SocketHeciServer.exe [2018-3-2 758552]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_77f39;MessagingService_77f39;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe [2018-2-25 359888]
S3 mfencrk;McAfee LLC. mfencrk;C:\WINDOWS\System32\drivers\mfencrk.sys [2018-5-3 108944]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-17 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-17 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RTSUER;Realtek USB Card Reader - UER;C:\WINDOWS\System32\drivers\RtsUer.sys [2017-9-1 420832]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-15 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2017-9-1 60504]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-13 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-13 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-17 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-11-14 36352]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-15 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-11-14 228864]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2018-4-11 25088]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-17 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2019-01-02 16:12:07 30208 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\CNMPDBL.DLL
2019-01-02 16:12:07 101888 ----a-w- C:\WINDOWS\System32\Spool\prtprocs\x64\CNMPPBL.DLL
2019-01-02 16:11:48 390656 ----a-w- C:\WINDOWS\System32\CNMLMBL.DLL
2019-01-02 16:10:33 -------- d--h--w- C:\ProgramData\CanonIJFAX
2019-01-02 16:10:25 303104 ----a-w- C:\WINDOWS\System32\CNCALBL.DLL
2018-12-24 01:17:17 -------- d--h--w- C:\OneDriveTemp
2018-12-20 03:19:59 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-12-20 03:19:59 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-12-20 03:19:59 1295360 ----a-w- C:\WINDOWS\SysWow64\MSVPXENC.dll
2018-12-14 15:53:11 1476904 ----a-w- C:\WINDOWS\System32\mcupdate_GenuineIntel.dll
2018-12-13 05:12:48 51024 ----a-w- C:\WINDOWS\System32\DbxSvc.exe
2018-12-13 05:12:48 47800 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys
2018-12-13 05:12:48 47800 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys
2018-12-13 05:12:48 47800 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys
2018-12-13 02:39:06 25855488 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-12-13 02:37:59 884224 ----a-w- C:\WINDOWS\System32\NMAA.dll
.
==================== Find3M ====================
.
2018-12-14 12:24:26 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-12-14 07:29:35 6567472 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-12-14 07:29:22 1130760 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-12-14 07:25:40 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-12-14 07:23:18 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-12-14 07:23:18 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-12-14 07:23:18 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-12-14 07:23:16 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-12-14 07:23:08 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-12-14 07:22:03 9084216 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-12-14 07:22:01 7520104 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-12-14 07:21:46 1098064 ----a-w- C:\WINDOWS\System32\msvproc.dll
2018-12-14 07:21:44 1457240 ----a-w- C:\WINDOWS\System32\winload.efi
2018-12-14 07:21:43 1140480 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-12-14 07:21:42 982912 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-12-14 07:21:42 1257672 ----a-w- C:\WINDOWS\System32\winload.exe
2018-12-14 07:13:10 5775872 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-12-14 07:12:02 5307392 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2018-12-14 06:55:44 3396608 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-12-14 06:54:39 1307648 ----a-w- C:\WINDOWS\System32\MSVPXENC.dll
2018-12-14 06:54:31 6032384 ----a-w- C:\WINDOWS\System32\d2d1.dll
2018-12-14 06:53:48 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-12-14 06:52:49 2173440 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-12-14 06:52:44 1826816 ----a-w- C:\WINDOWS\System32\Windows.CloudStore.dll
2018-12-14 06:51:24 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-12-08 12:47:28 1048712 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2018-12-08 12:47:15 645320 ----a-w- C:\WINDOWS\System32\advapi32.dll
2018-12-08 12:46:44 549760 ----a-w- C:\WINDOWS\System32\AppResolver.dll
2018-12-08 12:42:56 4527800 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-12-08 12:42:35 1616824 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2018-12-08 12:42:34 1634944 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-12-08 12:41:05 481880 ----a-w- C:\WINDOWS\SysWow64\advapi32.dll
2018-12-08 12:40:15 1454648 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-12-08 12:39:47 444416 ----a-w- C:\WINDOWS\SysWow64\AppResolver.dll
2018-12-08 12:29:23 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-12-08 12:28:53 4708864 ----a-w- C:\WINDOWS\System32\twinui.pcshell.dll
2018-12-08 12:28:43 6586880 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-12-08 12:27:54 68608 ----a-w- C:\WINDOWS\System32\fdBth.dll
2018-12-08 12:27:31 59392 ----a-w- C:\WINDOWS\SysWow64\fdBth.dll
2018-12-08 12:27:10 5657600 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-12-08 12:27:09 82432 ----a-w- C:\WINDOWS\System32\drivers\storqosflt.sys
2018-12-08 12:23:26 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-12-08 12:23:25 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-12-08 12:23:18 1856512 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-12-08 12:23:13 471040 ----a-w- C:\WINDOWS\SysWow64\AcSpecfc.dll
2018-12-08 12:23:04 1661440 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2018-12-08 12:23:02 2892288 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-12-08 12:22:41 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-12-08 12:22:19 1469952 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2018-12-08 12:22:09 1586176 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-12-08 08:12:51 272408 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-12-08 08:12:49 269336 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-12-08 08:12:40 92688 ----a-w- C:\WINDOWS\System32\drivers\bindflt.sys
2018-12-08 08:07:40 1328632 ----a-w- C:\WINDOWS\System32\wpx.dll
2018-12-08 08:07:15 5625352 ----a-w- C:\WINDOWS\System32\StartTileData.dll
2018-12-08 08:07:04 1063416 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-12-08 08:06:53 491416 ----a-w- C:\WINDOWS\System32\mf.dll
2018-12-08 08:06:37 1017168 ----a-w- C:\WINDOWS\System32\msmpeg2adec.dll
2018-12-08 08:06:24 433168 ----a-w- C:\WINDOWS\System32\drivers\rdbss.sys
2018-12-08 08:06:10 777512 ----a-w- C:\WINDOWS\System32\wer.dll
2018-12-08 08:06:03 249088 ----a-w- C:\WINDOWS\System32\weretw.dll
2018-12-08 08:06:01 709936 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-12-08 08:04:57 4404720 ----a-w- C:\WINDOWS\System32\mfcore.dll
2018-12-08 07:47:51 785760 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2018-12-08 07:47:37 861744 ----a-w- C:\WINDOWS\SysWow64\msmpeg2adec.dll
2018-12-08 07:46:18 665224 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2018-12-08 07:46:10 1989040 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-12-08 07:46:07 101192 ----a-w- C:\WINDOWS\SysWow64\rmclient.dll
2018-12-08 07:46:05 1397104 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
2018-12-08 07:46:03 2331480 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2018-12-08 07:46:01 457056 ----a-w- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
2018-12-08 07:45:57 1011872 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2018-12-08 07:45:53 1805656 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll
2018-12-08 07:45:52 6043496 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-12-08 07:45:51 2307240 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2018-12-08 07:45:50 356864 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2018-12-08 07:45:48 4789952 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2018-12-08 07:45:43 1379816 ----a-w- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
2018-12-08 07:45:39 1620472 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2018-12-08 07:45:39 129296 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2018-12-08 07:45:30 567256 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-12-08 07:42:01 9084928 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2018-12-08 07:41:24 7057408 ----a-w- C:\WINDOWS\System32\mos.dll
2018-12-08 07:40:52 4384768 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-12-08 07:40:32 4710912 ----a-w- C:\WINDOWS\System32\cdp.dll
2018-12-08 07:39:38 36352 ----a-w- C:\WINDOWS\System32\wpnsruprov.dll
2018-12-08 07:38:57 3392000 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-12-08 07:38:42 132608 ----a-w- C:\WINDOWS\System32\DataUsageLiveTileTask.exe
2018-12-08 07:38:40 22016000 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-12-08 07:38:37 85504 ----a-w- C:\WINDOWS\System32\LocationFrameworkInternalPS.dll
2018-12-08 07:38:37 55296 ----a-w- C:\WINDOWS\System32\msscntrs.dll
2018-12-08 07:38:34 2739200 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-12-08 07:38:30 83456 ----a-w- C:\WINDOWS\System32\drivers\wcnfs.sys
2018-12-08 07:38:11 419328 ----a-w- C:\WINDOWS\System32\eeprov.dll
2018-12-08 07:38:10 310272 ----a-w- C:\WINDOWS\System32\wc_storage.dll
2018-12-08 07:37:59 99328 ----a-w- C:\WINDOWS\System32\utcutil.dll
2018-12-08 07:37:53 358912 ----a-w- C:\WINDOWS\System32\DataUsageHandlers.dll
2018-12-08 07:37:45 184320 ----a-w- C:\WINDOWS\System32\bthserv.dll
2018-12-08 07:37:41 106496 ----a-w- C:\WINDOWS\System32\drivers\bthenum.sys
2018-12-08 07:37:40 386048 ----a-w- C:\WINDOWS\System32\Windows.System.Diagnostics.dll
.
============= FINISH: 11:15:27.16 ===============

Attached Files

attach.txt (6.0 KB)

↧

URGENT: Virus corrupted tonnes of files

January 4, 2019, 9:14 am

≫ Next: A undeletable virus in my computer

≪ Previous: Malware Help

Long story short: Installed virus (obviously didn't know it was), removed virus, it had time to corrupt thousands of files. No file has been removed, but each file has an added ".djvur" at the end (for example "image.jpg.djvur") and if I remove it it only returns a corrupt file. Again, this has affected thousands of files, from important documents to some program files causing them to not open.

Reverting system to the only point available didn't go through. Through ShadowExplorer I've found the files without the ".djvur" but when exported I get the same corrupt files.

I assume it's maybe some sort of CTB locker, but the steps to revert files doesn't work for me, and MalwareBytes isn't finding anything else.

I have both files and programs I cannot replace, so I really need to fix the files affected. Thanks in advance

↧

A undeletable virus in my computer

January 5, 2019, 8:59 am

≫ Next: 6 programs say no viruses but Clamwin still says 2 infected files, are these false p?

≪ Previous: URGENT: Virus corrupted tonnes of files

In a hidden folder ProgramData in C drive, there are two folder name

{fc8ca104-8637-919e-d688-a2f9ec1789f5} and
{F1A1E9D5-CEE6-9CB3-D688-A2F9EC1789F5}

I belive it is a 'shortcut virus'.
I try to delete them but theY automatically come back.

Months ago my pendrive was affected from 'shortcut virus' whose name was SOMEWHAT similar to {F1A1E9D5-CEE6-9CB3-D688-A2F9EC1789F5}

Every time I format, the virus come back automatically.

My computer is running slow ever since.

Another reason I think this is a virus because my chrome ask me for 'I am not a robot' siting reason somewhat similar to this
'a lot of requests or seemingly automated behavior'.

I download only legitimate softwares like python and java and I don't recall downloading any illegal software.
But, I cannot rule out the cases where such software are downloaded automatically/bi-mistake because I have low computer litreacy.

I don't watch porn and I strongly feel that neither does any other user of this pc.

As of now, I dont have anti-virus (because I thought I always download legitimate softwares so I dont need one).
I have downloaded dds.scr as mentioned on site.

P.S:- This is my first question so forgive any mistakes.

↧

6 programs say no viruses but Clamwin still says 2 infected files, are these false p?

January 8, 2019, 3:45 pm

≫ Next: i have malware, how do i remove it or how do i fix it?

≪ Previous: A undeletable virus in my computer

Hi there,
So I bought a brand new tv at walmart, long story short is it needed some updated firmware, so i found a fix on reddit, downloaded it, put it on a usb and it fixed my tv. The next day all of the sudden my computer started talking to me as if there was a webpage open and it was freezing. It was saying "Moonlight by hellware" and " I love AAAAAAAAA" so did some research and saw that I had a trojan. I dont know if the thing i downloaded the day before had the virus or if it was from awhile ago cuz the computer has always been really slow like it shouldnt be. So I Downloaded afew programs and it said that I had the moonlight trojan and Proweliks trojan. I've followed multiple websites instructions on how to delete everything and 6 of the 7 programs say the computer is now clean. Avast, CCleaner, Clamwin, Malwarebyte, Hitmanpro, Zemana, and Farbar the only one saying anything is Clamwin. These are the files that are showing up as infected:

C:\Users\Vanessa\AppData\Local\Apple\Apple Software Update\iTunes64.msi: Win.Worm.Runouce-528 FOUND
C:\Windows\Installer\f196.msi: Win.Trojan.Agent-1387217 FOUND

Do you think that these are just false positive that Clamwin is recognizing? I read on another threat that this was the case with hers so I was just seeing what you think? Let me know what you think and if you need me to run anything and post the logs on here, I appreciate it soooo much!!!
Thank you so much,
Travis

↧

i have malware, how do i remove it or how do i fix it?

January 17, 2019, 4:41 pm

≫ Next: remove ads

≪ Previous: 6 programs say no viruses but Clamwin still says 2 infected files, are these false p?

Hi, today my malware bytes scanned 2 malware on my laptop, im not sure what I am suppose to do. what do I need to do to fix this? or how do I get rid of these 2 malware on my laptop?

↧

remove ads

January 20, 2019, 6:46 am

≫ Next: Koobface worm infected me

≪ Previous: i have malware, how do i remove it or how do i fix it?

so i was trying to get some ads removed and was directed here. they keep popping up on the bottom right of my screen. this started after i accidentally allowed putlocker.com to keep me updated on things happening on the website. and i tried reversing that process but that did not help. original post is here. https://www.techsupportforum.com/for...s-1234122.html

↧

Koobface worm infected me

January 26, 2019, 9:08 pm

≫ Next: Bookmarks problem, my fault...

≪ Previous: remove ads

So apparently i got a call regarding those popups i posted about a while ago. Well they came back and i thought they were harmless but this phone call lead to an GoToAssist session with them going through my command prompt and opening up the netstat showing like 20+ foreign connections. They told me it came through an email unfortunately i hung up once they mentioned a fee thinking it was a scam. But they did a dir/s command on the command prompt and the end stated "Koobface detected" . They ended up running it again and it had "Email attatchment... system critical."

↧

Bookmarks problem, my fault...

February 2, 2019, 4:03 am

≫ Next: smartpackagetracker popups

≪ Previous: Koobface worm infected me

Hi folks, (I hope this is the correct place to post this)

(Background) I've used FF for years and was using ver 65, 64bit, on Win 10, latest build and up to date. Occasionally, my Malwarebytes, flags and stops an outbound (call home) "something" that emanates from my "C drive".....See below:

Malwarebytes
www.malwarebytes.com

-Log Details-
Protection Event Date: 2/1/19
Protection Event Time: 4:50 PM
Log File: 7561b2b8-266b-11e9-b409-80fa5b26d8b5.json

-Software Information-
Version: 3.6.1.2711
Components Version: 1.0.508
Update Package Version: 1.0.9068
License: Premium

-System Information-
OS: Windows 10 (Build 17763.253)
CPU: x64
File System: NTFS
User: System

-Blocked Website Details-
Malicious Website: 1
, , Blocked, [-1], [-1],0.0.0

-Website Data-
Category: Trojan
Domain: www.philanthropyroundtable.org
IP Address: 40.123.47.58
Port: [49892]
Type: Outbound
File: C:\Program Files\Mozilla Firefox\firefox.exe

Usually I run scans and one of those programs, like "Rogue Killer" etc, takes care of it. This time it didn't and my "mess up" begins.
I went to " C:\Program Files\Mozilla Firefox\firefox.exe" and could not find anything (I probably wouldn't know what I was looking for anyway).

First I deleted the FF.exe file, which looked like another short cut. I thought that wouldn't do much harm.
Second Of course, FF would not open,

So Third I uninstalled FF, using Revo Uninstaller

Fourth I downloaded and installed FF.

Of course, by then I realized that I would have to reset up FF again, for everything. (Stupid, Stupid) Everything including my "Bookmarks" which were gone.

Please help! Is there a way I can retrieve my "Bookmarks" from somewhere? (Somehow I don't think there is but what do I know?)
I can send any other info you all might need, I'm just hoping someone can help.....

Yours,
Stan

↧

smartpackagetracker popups

February 2, 2019, 3:01 pm

≫ Next: Malware Removal Help Posting Instructions

≪ Previous: Bookmarks problem, my fault...

Without deliberately installing anything, malware (smartpackagetracker) now causes popups several times a day.
Example screenshot attached.
Please help.
**********************
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.201.2
Run by Kenneth Rivalsi at 17:51:17 on 2019-02-02
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.7990.3923 [GMT -5:00]
.
AV: Norton Internet Security *Enabled/Updated* {A2708B76-6835-6565-CB96-694212954A75}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security *Enabled* {9A4B0A53-225A-643D-E0C9-C077EC460D0E}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\system32\Hpservice.exe
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
C:\WINDOWS\system32\DbxSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k iissvcs
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k SPOCJS
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files (x86)\Norton Internet Security\Engine\22.16.3.21\NortonSecurity.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Program Files\rempl\sedsvc.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\system32\atieclxx.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.16.3.21\NortonSecurity.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\Explorer.EXE
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.38.138.0_x64__kzf8qxf38zg5c\SkypeApp.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Kenneth Rivalsi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.18114.17710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11811.1001.18.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18112.14311.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1811.3241.0_x64__8wekyb3d8bbwe\Calculator.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Microsoft Office\Office14\WINWORD.EXE
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\splwow64.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\prevhost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://search.norton.com/?prt=NIS&chn=1550&geo=US&ver=22.11.2.7&locale=en_US&guid=C2839700-452A-11E0-874C-EB4BB1146502&doi=2018-02-01&o=APN11915
uSearch Bar = Preserve
uProxyOverride = <-loopback>;*.local
BHO: Norton Password Manager: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.16.3.21\coIEPlg.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_201\bin\jp2ssv.dll
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.16.3.21\coIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.16.3.21\coIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - <orphaned>
uRun: [googletalk] C:\Users\Kenneth Rivalsi\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [OneDrive] "C:\Users\Kenneth Rivalsi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
uRun: [GoogleChromeAutoLaunch_1CCAC9EBABA8234BAB75526DDDC69B7B] "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --no-startup-window /prefetch:5
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{d49ed8a4-1478-4426-9e3d-52970edcd979} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{efa0cdec-f76a-4709-b1d4-4b5f82b2f6f1} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Norton Password Manager: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.16.3.21\coIEPlg.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.16.3.21\coIEPlg.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-7-1 82664]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-12-12 58168]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2011-3-3 56336]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymEFASI64.sys [2019-1-19 1969328]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-11 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20190129.006\BHDrvx64.sys [2019-1-31 1925104]
R1 ccSet_NGC;NGC Settings Manager;C:\WINDOWS\System32\drivers\NGCx64\1610030.015\ccsetx64.sys [2019-1-19 189152]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20190201.062\IDSvia64.sys [2019-2-1 1424904]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NGCx64\1610030.015\IRONx64.sys [2019-1-19 308416]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NGCx64\1610030.015\symnets.sys [2019-1-19 567024]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2016-10-6 89600]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2917864]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-8-2 2709480]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-16 255472]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-8-23 83768]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_3fa73c4;Connected Devices Platform User Service_3fa73c4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-15 414720]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-1-18 3058392]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2019-1-22 51024]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2011-5-13 30520]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 IntelHaxm;Intel HAXM Service;C:\WINDOWS\System32\drivers\IntelHaxm.sys [2017-4-13 180904]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 NortonSecurity;Norton Security;C:\Program Files (x86)\Norton Internet Security\Engine\22.16.3.21\NortonSecurity.exe [2019-1-19 328648]
R2 nsWscSvc;Norton WSC Service;C:\Program Files (x86)\Norton Internet Security\Engine\22.16.3.21\nsWscSvc.exe [2019-1-19 915712]
R2 OneSyncSvc_3fa73c4;Sync Host_3fa73c4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-4-30 337776]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-15 760888]
R2 sedsvc;Windows Remediation Service;C:\Program Files\rempl\sedsvc.exe [2019-1-11 325432]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 SPOCJS;Jack Sensing Service for USB Audio;C:\WINDOWS\System32\svchost.exe -k SPOCJS [2018-4-11 51288]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-12-12 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-3-30 253960]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-8 2533400]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_3fa73c4;Windows Push Notifications User Service_3fa73c4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 clwvd;HP Webcam Splitter;C:\WINDOWS\System32\drivers\clwvd.sys [2010-6-25 32880]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2018-4-11 153296]
R3 HECIx64;Intel(R) Management Engine Interface;C:\WINDOWS\System32\drivers\HECIx64.sys [2010-4-30 56344]
R3 Impcd;Impcd;C:\WINDOWS\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\WINDOWS\System32\drivers\lan9500-x64-n650f.sys [2018-1-18 111312]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2016-3-30 52904]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 usbaud;HP USB Media Port Rep Audio;C:\WINDOWS\System32\drivers\usbaud64.sys [2011-11-16 232064]
R3 wdkmd;Intel WiDi KMD;C:\WINDOWS\System32\drivers\WDKMD.sys [2010-4-16 39832]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymELAM.sys [2019-1-19 25744]
S2 CLKMSVC10_C6F09094;CyberLink Product - 2011/02/08 00:50:00;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2011-2-8 245232]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-6-27 143144]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-5-28 102912]
S3 BcastDVRUserService_3fa73c4;GameDVR and Broadcast User Service_3fa73c4;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-12-12 92688]
S3 BluetoothUserService_3fa73c4;Bluetooth User Support Service_3fa73c4;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-6-27 143144]
S3 DevicePickerUserSvc_3fa73c4;DevicePicker_3fa73c4;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_3fa73c4;DevicesFlow_3fa73c4;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2017-5-18 131984]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-15 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GoogleChromeElevationService;Google Chrome Elevation Service;C:\Program Files (x86)\Google\Chrome\Application\71.0.3578.98\elevation_service.exe [2018-12-13 443872]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_3fa73c4;MessagingService_3fa73c4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PimIndexMaintenanceSvc_3fa73c4;Contact Data_3fa73c4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_3fa73c4;PrintWorkflow_3fa73c4;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-11 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-11 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader;C:\WINDOWS\System32\drivers\RtsUStor.sys [2011-2-8 232992]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-15 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-13 976384]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2017-5-18 166288]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-2 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-11 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-13 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UnistoreSvc_3fa73c4;User Data Storage_3fa73c4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 UserDataSvc_3fa73c4;User Data Access_3fa73c4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-11-13 36352]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-15 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-12-12 83456]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-11-13 787456]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-6-3 61992]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe [2018-6-3 4682552]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-11-13 228864]
S3 WinRing0_1_2_0;WinRing0_1_2_0;C:\Users\Kenneth Rivalsi\Downloads\RealTemp_370\WinRing0x64.sys [2008-7-26 14544]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 wpCtrlDrv_NGC;Symantec Webcam Control functional driver;C:\WINDOWS\System32\drivers\NGCx64\1610030.015\wpCtrlDrv.sys [2019-1-19 1011056]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-11 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 SymEvnt;Symantec Eventing Platform;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\SymPlatform\SymEvnt.sys [2018-10-31 678616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2019-02-02 12:44:30 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{DB2F1EDA-8BDF-431C-9D9D-ACC43068430C}
2019-02-01 22:04:06 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{7B00B56A-BF9B-4A57-B726-40F8386A44C9}
2019-02-01 03:53:43 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{48D85AA0-4352-4CDE-A03F-E92B4903C7F6}
2019-01-31 15:53:24 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{C8632BF5-8216-42CA-B816-1D9F1D1E57FD}
2019-01-31 03:53:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{A1710E35-1571-421E-BC56-C0CFC48DE8EA}
2019-01-31 01:19:51 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\Corel
2019-01-30 15:53:06 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{9DD22711-FE3D-4307-8C85-D8143D13999E}
2019-01-30 12:59:59 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\NPE
2019-01-30 03:52:49 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{37979D0F-6AD2-486F-8526-CC4FEBD02181}
2019-01-29 13:59:19 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{443520E7-1D7D-4716-8041-DF507332C9D0}
2019-01-29 01:47:17 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{871B61C0-4631-4874-A435-32B1D179D053}
2019-01-28 13:46:57 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{632F33DA-3902-4340-8873-FA8384994BE9}
2019-01-28 01:46:39 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{E5C22127-8DF2-4E29-BB41-66B16EF400AC}
2019-01-27 13:46:34 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{BEB1308B-4C01-4293-80E0-1F5588C5A5D6}
2019-01-27 01:46:15 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{BE134CAC-9173-4AB0-AC55-A4AD02F6A165}
2019-01-27 00:04:12 -------- d-----w- C:\Program Files\Common Files\Protexis
2019-01-26 23:52:54 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\Corel PhotoMirage
2019-01-26 23:40:13 -------- d-----w- C:\Program Files (x86)\Pic to Painting
2019-01-26 23:00:10 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\Corel PaintShop Pro
2019-01-26 22:59:25 -------- d-----w- C:\Program Files (x86)\Common Files\Protexis
2019-01-26 22:55:41 -------- d-----w- C:\Program Files\Corel
2019-01-26 22:51:21 -------- d-----w- C:\Program Files (x86)\Corel
2019-01-26 13:45:47 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{F6B042D4-1BD0-4387-A25C-43C88CB59779}
2019-01-26 01:17:34 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{143DC145-EF4B-44B5-B16C-5BF00D727582}
2019-01-25 13:17:25 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{BF1FDE1B-F8B8-4DB1-AFBA-6404FD65FE64}
2019-01-25 01:10:35 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{F689CC1C-9B73-4FF2-8ADE-76A5137BB5DD}
2019-01-24 13:10:13 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{076721B4-D008-4144-9BA4-532D43682CBF}
2019-01-23 14:02:47 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{7E107F90-4C8F-4BC9-ADDE-F771579CEFAA}
2019-01-23 02:02:23 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{899EC385-3E36-4262-BF77-BAC53A401987}
2019-01-22 14:00:54 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{AC561291-B94F-4E92-84DD-2145787BBBFF}
2019-01-22 13:14:16 51024 ----a-w- C:\WINDOWS\System32\DbxSvc.exe
2019-01-22 13:14:16 47800 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys
2019-01-22 13:14:16 47800 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys
2019-01-22 13:14:16 47800 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys
2019-01-22 02:00:38 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{93DD09F3-1CA1-4452-8AD2-8E28F3FD0B1E}
2019-01-21 14:00:17 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{C30691BF-8144-4C62-B66C-BA0351F1A0C1}
2019-01-21 02:00:01 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{380ADDEF-4864-4EAF-9E51-EAACA59B79AF}
2019-01-20 13:59:36 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{93E7171C-560A-44C8-8451-309CD6F21D5C}
2019-01-20 00:43:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{552F86BE-B751-49B3-9496-86C9F0777686}
2019-01-19 12:54:13 -------- d-----w- C:\Program Files (x86)\Common Files\Oracle
2019-01-19 12:50:07 468616 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\symtdiv.sys
2019-01-19 12:50:07 1011056 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\wpCtrlDrv.sys
2019-01-19 12:50:06 855256 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\srtsp64.sys
2019-01-19 12:50:06 567024 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\symnets.sys
2019-01-19 12:50:06 49880 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\srtspx64.sys
2019-01-19 12:50:06 308416 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\IRONx64.sys
2019-01-19 12:50:06 25744 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymELAM.sys
2019-01-19 12:50:06 1969328 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\SymEFASI64.sys
2019-01-19 12:50:06 189152 ----a-w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015\ccsetx64.sys
2019-01-19 12:49:39 -------- d-----w- C:\WINDOWS\System32\drivers\NGCx64\1610030.015
2019-01-19 12:42:50 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{B3349087-0FD0-478F-833E-71AAF27C6B9C}
2019-01-18 22:33:14 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{C375CB9F-9825-4ED0-9FA4-131C5C26C642}
2019-01-18 02:08:09 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{9F98F57B-CD78-4DA0-8851-F025120EC003}
2019-01-17 14:07:01 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{C3DBA6E3-407D-47C2-B3B0-5127E0A7BDEF}
2019-01-17 07:49:36 18650984 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSO.DLL
2019-01-16 18:19:30 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{0416AFAC-3F62-4605-86E6-DA7192BE0294}
2019-01-16 03:45:48 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{F16E8C41-A57F-4455-A9C8-2ACE0EA185F0}
2019-01-15 15:45:45 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D5B8C18A-102A-476E-8F35-20D0B632E96C}
2019-01-15 03:45:29 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{28EAD64A-76D8-444B-B184-2BB856192E56}
2019-01-14 22:56:48 -------- d-----w- C:\ProgramData\Protexis64
2019-01-14 15:45:24 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{A263B674-C2E6-448D-9BF4-7C47C13F40ED}
2019-01-14 03:45:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{17A3666E-2543-460C-92B1-8460CB3BFC6F}
2019-01-13 15:45:05 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{9E8C03C8-89D0-4D15-AF7A-C9B9B6EDBE12}
2019-01-13 03:44:45 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{1AF0A363-0B8E-40C8-9959-A16BF84DDDE0}
2019-01-12 14:47:45 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{DD95300F-7E0A-4A17-AABF-D0AAA54BA8FF}
2019-01-12 01:51:09 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{6942C30F-5FDC-4166-A6A7-66B16EB40C2C}
2019-01-11 13:51:03 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{A3AD598E-9E6B-42C5-B1FB-D0A6A927D2D2}
2019-01-10 20:16:40 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{37EC8F1A-B9A0-4A73-BCB1-9683B6D8E634}
2019-01-10 20:14:05 6161920 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
2019-01-08 13:21:35 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{BA34B9D9-9026-4D2D-9888-F53B78B0017D}
2019-01-07 16:00:34 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{6B55169D-6CE7-4EF1-8777-5C893D6353E1}
2019-01-07 04:00:18 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{58F6D167-C9BE-40B1-8B8E-17526BF6B8EF}
2019-01-06 16:00:15 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D520E386-FCB8-455B-AC37-F1E7442910F2}
2019-01-06 03:59:58 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3B02DB7F-EB73-4480-9D00-AF6C547B1E39}
2019-01-05 13:48:13 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D1D55737-8256-4F07-AB95-A4FA1AFA2EE8}
2019-01-05 01:47:55 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{BD3F0196-89F2-4EC1-9C31-A2F70CD5FF67}
2019-01-04 13:47:51 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{74EC8F9E-E99A-428A-86D1-326EC3777978}
2019-01-04 01:47:33 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{79B8308F-3F89-4D75-81A2-369CA6B94897}
.
==================== Find3M ====================
.
2019-01-30 15:24:29 144368 ------w- C:\WINDOWS\System32\drivers\rikvm_C6F09094.sys
2019-01-19 12:51:24 99192 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2019-01-02 19:41:40 835480 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2019-01-02 19:41:40 179600 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2019-01-01 13:50:14 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2019-01-01 13:47:36 225792 ----a-w- C:\WINDOWS\System32\windowslivelogin.dll
2019-01-01 13:45:57 285184 ----a-w- C:\WINDOWS\System32\wlidcredprov.dll
2019-01-01 13:45:47 714752 ----a-w- C:\WINDOWS\System32\wlidcli.dll
2019-01-01 13:43:48 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2019-01-01 13:20:16 165888 ----a-w- C:\WINDOWS\SysWow64\windowslivelogin.dll
2019-01-01 13:18:05 500736 ----a-w- C:\WINDOWS\SysWow64\wlidcli.dll
2019-01-01 13:17:39 231936 ----a-w- C:\WINDOWS\SysWow64\wlidcredprov.dll
2019-01-01 07:14:47 1063224 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2019-01-01 07:14:47 1029944 ----a-w- C:\WINDOWS\System32\hvax64.exe
2019-01-01 07:14:46 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2019-01-01 07:14:39 566568 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2019-01-01 07:14:39 1221432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2019-01-01 07:14:37 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2019-01-01 07:13:36 709728 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2019-01-01 07:13:36 3292152 ----a-w- C:\WINDOWS\System32\combase.dll
2019-01-01 07:13:30 436024 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2019-01-01 07:13:30 1363536 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2019-01-01 07:13:21 170808 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2019-01-01 07:12:59 7520104 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2019-01-01 07:12:53 9084216 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2019-01-01 07:12:45 2465792 ----a-w- C:\WINDOWS\System32\msxml6.dll
2019-01-01 07:12:39 268304 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2019-01-01 07:12:35 2421288 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2019-01-01 07:12:29 43536 ----a-w- C:\WINDOWS\System32\browser_broker.exe
2019-01-01 07:12:26 713272 ----a-w- C:\WINDOWS\System32\MSVideoDSP.dll
2019-01-01 07:12:20 128824 ----a-w- C:\WINDOWS\System32\drivers\tm.sys
2019-01-01 06:55:34 25856512 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2019-01-01 06:50:40 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2019-01-01 06:48:10 79360 ----a-w- C:\WINDOWS\System32\Print.Workflow.Source.dll
2019-01-01 06:48:03 81920 ----a-w- C:\WINDOWS\System32\drivers\wanarp.sys
2019-01-01 06:48:01 342528 ----a-w- C:\WINDOWS\System32\browserexport.exe
2019-01-01 06:47:38 433152 ----a-w- C:\WINDOWS\System32\MusNotification.exe
2019-01-01 06:47:17 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2019-01-01 06:46:47 153088 ----a-w- C:\WINDOWS\System32\dssvc.dll
2019-01-01 06:46:13 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2019-01-01 06:46:03 209408 ----a-w- C:\WINDOWS\System32\MicrosoftAccountTokenProvider.dll
2019-01-01 06:45:47 352768 ----a-w- C:\WINDOWS\System32\dhcpcore.dll
2019-01-01 06:45:13 2368512 ----a-w- C:\WINDOWS\System32\WebRuntimeManager.dll
2019-01-01 06:45:03 7573504 ----a-w- C:\WINDOWS\System32\Chakra.dll
2019-01-01 06:44:49 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2019-01-01 06:44:46 456192 ----a-w- C:\WINDOWS\System32\Windows.Graphics.Printing.Workflow.dll
2019-01-01 06:44:44 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2019-01-01 06:44:28 662528 ----a-w- C:\WINDOWS\System32\wlidprov.dll
2019-01-01 06:44:03 1549824 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2019-01-01 06:42:36 1371136 ----a-w- C:\WINDOWS\System32\aadtb.dll
2019-01-01 06:42:29 2247680 ----a-w- C:\WINDOWS\System32\wlidsvc.dll
2019-01-01 06:42:17 717312 ----a-w- C:\WINDOWS\System32\Windows.Web.dll
2019-01-01 06:42:11 4939776 ----a-w- C:\WINDOWS\System32\wininet.dll
2019-01-01 06:41:40 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2019-01-01 06:41:32 895488 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll
2019-01-01 06:41:22 505344 ----a-w- C:\WINDOWS\System32\edgeIso.dll
2019-01-01 06:41:04 899072 ----a-w- C:\WINDOWS\System32\kerberos.dll
2019-01-01 06:37:59 2478664 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2019-01-01 06:37:58 880048 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2019-01-01 06:37:56 381240 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2019-01-01 06:37:50 1989040 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2019-01-01 06:37:32 6571584 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2019-01-01 06:37:13 581808 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2019-01-01 06:29:00 22016512 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2019-01-01 06:17:25 153088 ----a-w- C:\WINDOWS\SysWow64\MicrosoftAccountTokenProvider.dll
2019-01-01 06:16:52 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2019-01-01 06:16:49 5775872 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2019-01-01 06:16:41 310272 ----a-w- C:\WINDOWS\SysWow64\wincorlib.dll
2019-01-01 06:15:47 331264 ----a-w- C:\WINDOWS\SysWow64\edgeIso.dll
2019-01-01 06:15:37 5307392 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2019-01-01 06:15:18 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2019-01-01 06:15:13 317440 ----a-w- C:\WINDOWS\SysWow64\dhcpcore.dll
2019-01-01 06:14:50 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2019-01-01 06:14:08 4514816 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2019-01-01 06:14:06 330752 ----a-w- C:\WINDOWS\SysWow64\Windows.Graphics.Printing.Workflow.dll
2019-01-01 06:13:26 251904 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2019-01-01 06:13:16 594432 ----a-w- C:\WINDOWS\SysWow64\Windows.Web.dll
2019-01-01 06:12:54 1036288 ----a-w- C:\WINDOWS\SysWow64\aadtb.dll
2019-01-01 06:12:44 795648 ----a-w- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
2019-01-01 06:12:18 516608 ----a-w- C:\WINDOWS\SysWow64\wlidprov.dll
2019-01-01 06:12:11 778240 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll
2018-12-19 04:49:12 352768 ----a-w- C:\WINDOWS\SysWow64\msrd3x40.dll
2018-12-14 07:29:22 1130760 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-12-14 07:25:40 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-12-14 07:21:46 1098064 ----a-w- C:\WINDOWS\System32\msvproc.dll
2018-12-14 07:21:44 1457240 ----a-w- C:\WINDOWS\System32\winload.efi
2018-12-14 07:21:43 1140480 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-12-14 07:21:42 982912 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-12-14 07:21:42 1257672 ----a-w- C:\WINDOWS\System32\winload.exe
2018-12-14 07:10:38 1295360 ----a-w- C:\WINDOWS\SysWow64\MSVPXENC.dll
2018-12-14 06:55:44 3396608 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-12-14 06:55:04 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-12-14 06:54:39 1307648 ----a-w- C:\WINDOWS\System32\MSVPXENC.dll
2018-12-14 06:54:31 6032384 ----a-w- C:\WINDOWS\System32\d2d1.dll
2018-12-14 06:52:49 2173440 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-12-14 06:52:44 1826816 ----a-w- C:\WINDOWS\System32\Windows.CloudStore.dll
2018-12-14 06:51:24 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-12-08 12:47:28 1048712 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll
2018-12-08 12:47:15 645320 ----a-w- C:\WINDOWS\System32\advapi32.dll
2018-12-08 12:46:44 549760 ----a-w- C:\WINDOWS\System32\AppResolver.dll
.
============= FINISH: 17:53:13.16 ===============

Attached Thumbnails

Click image for larger version

Name: picture_popup.png
Views: N/A
Size: 176.0 KB
ID: 322774

Attached Files

attach.txt (18.7 KB)

↧

Malware Removal Help Posting Instructions

February 23, 2019, 3:07 pm

≫ Next: BIOS virus

≪ Previous: smartpackagetracker popups

Welcome to Tech Support Forum

Virus/Trojan/Spyware Removal Help

(formerly Hijackthis Log Help)

* DO NOT FIX ANY ENTRIES OR DELETE ANY FILES YOURSELF. Do not run any specialized tools that you see being used in other threads without direct supervision from one of our trained analysts. Be advised that running any specialized tools not listed in this topic, on your own, is done solely at your own risk

* It is also this forum's policy that we only address users with a legal copy of Windows. If during the course of a fix it is determined that the copy is not legal, we must stop the cleansing process.

=============================

How Soon Can I Expect Help?

=============================

Please be considerate of the fact that the people helping you are all volunteers, and in many cases usually have a job, and a limited amount of time to help, and therefore can only do so much. Also please note that there are many more people in need of assistance than there are trained staff members who may assist. Patience for this free assistance is required. If there is an immediate need, please take the machine to a local technician.

If no one has replied to your thread within 72hrs after you posted, please reply in your thread with the words "BUMP, please" to move it forward. Do NOT bump the thread unless 72 hours has passed. We try to work from oldest to newest posts so your wait will be longer if you bump it forward before the 72 hours is up. When looking threads to respond to, we look for threads with 0 reply, or 1 reply. If you bump, or add a post prior to the 72 hrs, your thread is highly likely to be overlooked by our queuing methods.

Additionally, do not bump more than once. If you do, it may appear as though the thread is being handled, and it may be overlooked. Early bump posts will be deleted.

NOTE: We are aware that users sometimes seek help from several Forums at the same time. Unfortunately, this can cause confusion and actually wastes time and resources - yours, ours and other Volunteers across the community. If you have already posted at another Forum, please advise us, or them, and choose just one.

Also be advised:

It is not our intent to repeatedly remove malware from the same member's machines. The intent of this free service performed by volunteers is to help remove malware from your machine, educate you on how it may have happened, and how to prevent that from happening again. To this end, we provide links to articles and tools which should make your visit to the Virus/Trojan/Spyware Help section of TSF a one time event. Please do enjoy the rest of Tech Support Forum as many times as you like!

==================================================

Change Your Login and Passwords to Financial Sites

==================================================

Many infections that the commercial scanners are failing to remove are the type of infections that allow hackers to remotely control your computer, steal critical system information and download and execute files without your knowledge.

If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all login and passwords where applicable. It would be wise to contact those same financial institutions to apprise them of your situation.

Do not change passwords or do any transactions from the infected computer until it has been cleaned.

===========================================

Preparing for the Malware Removal Process

===========================================

While we try our hardest to avoid them, accidents do happen. With today's malware being as it is, neither Tech Support Forum nor the Analyst providing the advice may be held responsible for any loss of your data. You're following the instructions given at your own risk. We recommend that you back up any data thats important to you beforehand, just in case the worst happens.

1. As a general rule, to offset any unexpected mishaps, your personal data should be backed up regularly. If you do not already have a process in place that backs up your data, it is highly recommended you do this now.

2. If you suspect the machine to have cracked (illegal) software installed, click here.

3. Uninstall the following via Add or Remove Programs in Control Panel:

If you have more than one antivirus software installed, leave only ONE and uninstall the others.
File Sharing programs, otherwise known as P2P programs (Peer to Peer) such as uTorrent, Bittorrent, LimeWire, Morpheus, Azureus, Kazaa., as they are a major conduit for malware and a likely source of your current issues. See this link

=================================

Downloads and Reports Required:

=================================
Before scanning, ensure all other running programs are closed. Do not use your computer for anything else during the scan.

Also, ensure there aren't any scheduled antivirus scans running while the FRST scan is being performed.

*Note - Some antivirus programs falsely detect FRST as a threat.

====
FRST:
====
Download FRST and save it to your desktop from here

Note: You need to run the version compatible with your system.
If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system; that will be the right version.

Double-click FRST then click the 'Scan' button to run the tool.
When done, FRST will save 2 logs to your desktop.

FRST.txt
Addition.txt

===========================
How the logs should be furnished:
===========================

Copy/Paste the contents of 'FRST.txt' to be posted as text to your post.

Please **attach** the 'Addition.txt' log to your reply.

When posting your reply, the Addition.txt file may be attached by clicking the [Manage Attachments] button.
It's located under [Additional Options] on the composition page.
Browse to where you saved the file, and click Upload.

Attachment 323018

=================================

When posting the logs, please observe the following

=================================

Describe your issue/problem in DETAIL!. We cannot second guess as to what your issue(s) may be. Please provide as much detail as possible, including virus/trojan/worm names and locations if available. The more information you can give us the better we can help
Only Attach the logs that we've specifically requested for you to. (Otherwise post it as text in the Reply box).
DO NOT Wrap the log using Quote or Code tags. (DO make sure notepad word-wrap is OFF)
DO NOT Post another Programs log (Unless we specifically ask for it)
DO NOT Cut off the header of any log (It contains important information for the Analyst)
DO NOT Private Message the Analyst unless asked to do so.
DO NOT post live suspicious links. We do appreciate that you want to give as much information as possible, but the links need to be munged. Alter the links to use hxxp:// instead of https://

Click here to post the following logs in the Virus/Trojan/Spyware Help Forum

Checklist

FRST.txt - copy/pasted directly into Reply box
Addition.txt - attached to post
Rootkits and other infections that alter critical/legit Windows files have become commonplace. To facilitate a more rapid cleaning of your system, also tell us whether or not you have/have access to a Windows Install disc, or a Boot CD

Once you have posted, subcribe to your thread by going to Thread Tools located at the top of the thread.
Select Subscribe. Make sure it is set to Instant Notification.

This concludes the basic steps required before posting your logs. Thank you for taking the time to read this.
__________________

Attached Thumbnails

Click image for larger version

Name: Malware%20instructions%20revision.jpg
Views: N/A
Size: 72.1 KB
ID: 323018

↧

BIOS virus

March 13, 2019, 2:11 pm

≫ Next: Scammed: Pressed Microsoft Icon / R

≪ Previous: Malware Removal Help Posting Instructions

I have this BIOS virus in my computer for 2 years.

The virus inserts bbbbbb into keyboard whenever I type.

It is certainly not hardware fault on the keyboard.

Because this virus haunt my input in a cyclical manner.

No problem for a few days,
then the symptoms start to surface mildly not inserting too many bbbbbb initially, and a few days later went into full blown harassment.

It took me 5 mins just to type the above.

It is intelligent in a way that whenever I use backspace repeatedly to remove unwanted bbbbbbbbbbbbbb, it will jam the backspace at time and force more bbb into the keyboard hence making typing extremely inefficient.

I tried all sorts of virus scan, mbr scan, and even rescue disk scan from 5 to 6 of the popular virus scanner. To no avail.

I even tried to switch from Windows to Ubuntu OS.
I also tried format the harddisk and reinstall the OS,
again, good for a few days then problem surface again.

just to show you the sample without trying to backspace edit the typing, i will type in a to z in the next line.

babcdbefgbbbbbbbbbbhibjlbbbbbbbblmnbobpbqrstubvbwxbybbbzbbbbbbbbbb

I tried to get in touch with the manufacturer of this laptop but they don't respond to my request, what I ask from them is a copy to refresh my BIOS.

Below is the BIOS info
-----
BIOS Information
Vendor: Phoenix Technologies LTD
Version: NAPA0001.86C.0059.D.0812111109
Release Date: 12/11/08
Address: 0xE6AA0
Runtime Size: 103776 bytes
ROM Size: 1024 kB
Characteristics:
ISA is supported
PCI is supported
PC Card (PCMCIA) is supported
PNP is supported
APM is supported
----

I email to Phoenix, again no reply.

Does anyone know where to get a refresh copy of the BIOS.

or that you have a better idea to solve this virus issue.

↧

Scammed: Pressed Microsoft Icon / R

March 14, 2019, 3:21 pm

≫ Next: [SOLVED] Scammed: Pressed Microsoft Icon / R: Part 2

≪ Previous: BIOS virus

My elderly neighbours were scammed: They pressed the Microsoft Icon and R on their Windows 10 Dell Desktop computer.... upgraded from Windows 7.

I've seen these types of malware/ viruses before but the new catch is, not only does the malware disconnect the desktop - which is connect via Ethernet cable - iPhone, iPad, or any other computers can't access Wi-Fi. They have AT&T as their IP.

Their Desktop computer is at my access, I haven't connect their desktop to my computer yet.

Thank you for any assistance you can give me.

↧

[SOLVED] Scammed: Pressed Microsoft Icon / R: Part 2

April 7, 2019, 8:38 am

≫ Next: Malware?

≪ Previous: Scammed: Pressed Microsoft Icon / R

https://www.techsupportforum.com/for...r-1235472.html

I apologize for the delay. When others assist free of charge, their time should not be wasted. Illness prevent me from do what was requested but I have done it now, Info is in an attachment. Thank you for your assistance.

Another thing... on own my router verses by neighbor's router, I had no issues in connecting... we couldn't access the Internet with any other devices like smartphones or tablets. Will I have to do something at the router? This computer was the one connect to via Ethernet and its the computer he pressed Microsoft icon and R. Thanks

Attached Files

FRST.txt (24.4 KB)

↧