I was told to post this in the Spyware/Trojan page. I keep being directed to this composition page. I trust this is part of the page I was told to post. I am both pasting and attaching the two separate logs I just completed last night.
Here is my problem:
A couple of months ago I lost the ability to open Mozilla Firefox. My personal profile was missing or inaccessible. It doesn't even recognize my default personal profile number or code. When I went to my C drive and opened some folders, I received a message that my personal profile folder was actually EMPTY. My internet experiences in IE 11 have been pretty choppy the last few months.
A week or so ago, I finally consulted another help firm, and it ran a very extensive scan. I will summarize the help site's conclusions. As part of a small Wi-Fi network that includes my desktop computer and a laptop in another part of my house, it seems that unwanted "others" are also part of my network. AND, I have something called "Clampi" on my network, a specialized form of "network malware" that personal anti-malware such as Norton, Malwarebytes, Superantispyware, and Spyware Blaster have not picked up, because I was told Scampi is network malware.
I was told that my desktop computer and laptop are not themselves infected, but that the network we use, is. I'm being advised to purchase-at a hefty fee-network anti-malware, and that Mozilla might start working, again, once I have it installed. I often can't even open certain Norton Security news alerts and most of my downloaded files in my Documents and Download files (unless they are photos or pictures or art) because the Mozilla icon is attached to them and I get a message saying that my Mozilla default identity isn't working or Mozilla can't be located. And yet, I have it on my system
Frankly, I don't know what to think. Apparently, this "Clampi" began its rounds across the world a couple of months ago, about the time my Mozilla couldn't be opened. If there is a less expensive alternative to this nightmare, I would be open to it. I don't even know if the help site is correct in its diagnosis. They did an extensive diagnostic job on line for me, though. I also found that my Malwarebytes program couldn't be opened for a while. But, as soon as I have contacted the Malwarebytes Help Desk for assistance on that matter, it seemed to resolve itself. Someone listening in, maybe?
We don't run a business on our home computers, although we have done some financial communication and transactions. So far, they don't seem to have been compromised. You'd think they would be, by now. Perhaps the sites we utilize have strong safety features.
Anyway, here is the dds file and the attach file. I don't know how to zip it up before attaching it. Thanks for your help.
COPY/PASTE DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.15063.0
Run by samar_000 at 17:00:29 on 2017-09-10
Microsoft Windows 10 Home 10.0.15063.0.1252.1.1033.18.8130.4559 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security *Enabled* {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\Windows\SysWOW64\AsHookDevice.exe
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\IProsetMonitor.exe
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\system32\lxeccoms.exe
C:\Windows\system32\mfevtps.exe
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
C:\Program Files\TrueKey\McTkSchedulerService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SensorService
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\NIS.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
c:\windows\system32\svchost.exe -k netsvcs -s seclogon
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\NIS.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe
C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe
C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe
C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Users\samar_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Users\samar_000\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.10.1.10\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.10.1.10\coIEPlg.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [OneDrive] "C:\Users\samar_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [Display] C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
StartupFolder: C:\Users\SAMAR_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\APCUPS~1.LNK - C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7283d1fa-c566-4c0d-87d9-74e4a31ebd94} : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\coIEPlg.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\coIEPlg.dll
x64-TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [lxecmon.exe] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-6-4 73976]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-11-11 644968]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-3-18 74840]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-3-18 49568]
R0 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MBAMChameleon.sys [2017-1-26 188352]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2013-7-24 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2013-7-24 348552]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symefasi64.sys [2017-9-1 1868416]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-3-18 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-3-18 70232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-3-18 18520]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-3-18 208288]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-3-18 239616]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20170906.001\BHDrvx64.sys [2017-9-9 1862816]
R1 ccSet_NIS;NIS Settings Manager;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ccsetx64.sys [2017-9-1 187520]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2017-1-26 77376]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-3-18 54272]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-3-18 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20170909.001\IDSvia64.sys [2017-9-9 1056920]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ironx64.sys [2017-9-1 301288]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symnets.sys [2017-9-1 566912]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-7-22 173472]
R2 APC Data Service;APC Data Service;C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [2012-1-24 21880]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2014-2-28 920736]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R2 CDPUserSvc_1dab56a4;Connected Devices Platform User Service_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-11-16 3042544]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2017-3-18 14336]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2017-3-18 47664]
R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2014-2-28 207160]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2017-3-18 47664]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-1-23 1858048]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-16 1156384]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2013-7-9 195336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-2-28 169432]
R2 lxec_device;lxec_device;C:\WINDOWS\System32\lxeccoms.exe -service --> C:\WINDOWS\System32\lxeccoms.exe -service [?]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-1-26 4470736]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2013-11-11 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2013-11-11 189912]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\nis.exe [2017-9-1 326144]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-3-3 458176]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-16 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-16 5568288]
R2 OneSyncSvc_1dab56a4;Sync Host_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-11-11 390632]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2017-7-13 336320]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-3-18 79872]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R2 TrueKey;Intel Security True Key;C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-7-6 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler;C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-5-2 16928]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-7-13 142752]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 WpnUserService_1dab56a4;Windows Push Notifications User Service_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 AmUStor;AM USB Stroage Driver;C:\WINDOWS\System32\drivers\AmUStor.sys [2013-7-5 98984]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-8-10 97280]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-3-18 53664]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-7-1 158336]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2017-1-27 101784]
R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2017-1-26 45472]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2017-1-26 253856]
R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2017-1-26 93600]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2013-7-24 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2013-7-24 523792]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-3-18 20992]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-10-16 50472]
R3 PimIndexMaintenanceSvc_1dab56a4;Contact Data_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2016-2-25 607488]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2017-5-3 6804480]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R3 TokenBroker;TokenBroker;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-3-18 29600]
R3 UnistoreSvc_1dab56a4;User Data Storage_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 UserDataSvc_1dab56a4;User Data Access_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-7-13 757248]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2013-7-24 70600]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symelam.sys [2017-9-1 24608]
S2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-3-18 12288]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2017-3-18 47664]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-3-18 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-3-18 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-3-18 17920]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2017-3-18 47664]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-3-18 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-3-18 47664]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-3-18 39424]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-3-18 122880]
S3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2013-7-24 72128]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-3-18 347032]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-3-18 2104224]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 DevicesFlowUserSvc_1dab56a4;DevicesFlow_1dab56a4;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-3-18 47664]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-3-18 86528]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-3-18 47664]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-3-18 21504]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-3-18 51104]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-3-18 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-3-18 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-3-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-3-18 85504]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-3-18 165376]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-3-18 168448]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-3-18 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-3-18 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-3-18 673184]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-3-18 526240]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-3-18 36864]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-3-18 123808]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-3-18 103328]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-3-18 405408]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-3-18 51104]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-3-18 64416]
S3 MessagingService_1dab56a4;MessagingService_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-3-18 842656]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-3-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-3-18 122368]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-6-15 118784]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-3-18 80896]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-3-18 58784]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-3-18 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-3-18 1735584]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-3-18 936864]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-3-18 47664]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-3-18 91040]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-3-18 31128]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-3-18 1284608]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-3-18 154016]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-3-18 47664]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-3-18 40352]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2017-3-18 891904]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-3-18 95648]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-3-18 36760]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-3-18 302592]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service;C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-7-6 87760]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-3-18 104448]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-3-18 179200]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-8-10 51712]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-3-18 45568]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-3-18 263584]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-3-18 98712]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-3-18 138656]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-3-18 29600]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-3-18 59288]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-3-18 28064]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-3-18 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-3-18 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-3-18 72192]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-3-18 121248]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-3-18 342264]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-3-18 47664]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-3-18 32160]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-3-18 217088]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-3-18 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 wlpasvc;LPA Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-6-15 277504]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-3-18 46592]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-09-01 04:18:27 566912 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symnets.sys
2017-09-01 04:18:27 49304 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\srtspx64.sys
2017-09-01 04:18:27 24608 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symelam.sys
2017-09-01 04:18:27 1868416 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symefasi64.sys
2017-09-01 04:18:26 810136 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\srtsp64.sys
2017-09-01 04:18:25 301288 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ironx64.sys
2017-09-01 04:18:25 187520 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ccsetx64.sys
2017-09-01 04:17:54 -------- d-----w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A
.
==================== Find3M ====================
.
2017-09-10 19:57:16 93600 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2017-08-28 07:24:16 101784 ----a-w- C:\WINDOWS\System32\drivers\farflt.sys
2017-08-28 07:24:15 45472 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2017-08-28 07:24:14 253856 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2017-08-01 02:39:54 8319392 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2017-08-01 02:38:47 406544 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2017-08-01 02:38:08 382368 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys
2017-08-01 02:36:56 119712 ----a-w- C:\WINDOWS\System32\drivers\tdx.sys
2017-08-01 02:36:49 323488 ----a-w- C:\WINDOWS\apppatch\AcRes.dll
2017-08-01 02:36:29 750496 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2017-08-01 02:35:13 280472 ----a-w- C:\WINDOWS\SysWow64\WerFault.exe
2017-08-01 02:35:09 133904 ----a-w- C:\WINDOWS\SysWow64\WerFaultSecure.exe
2017-08-01 02:34:39 610584 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2017-08-01 02:34:36 359552 ----a-w- C:\WINDOWS\SysWow64\Faultrep.dll
2017-08-01 02:34:32 349600 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2017-08-01 02:34:32 168864 ----a-w- C:\WINDOWS\SysWow64\wermgr.exe
2017-08-01 02:33:57 473240 ----a-w- C:\WINDOWS\System32\policymanager.dll
2017-08-01 02:32:37 2444704 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-08-01 02:32:23 712600 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2017-08-01 02:32:04 820128 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2017-08-01 02:31:56 5477088 ----a-w- C:\WINDOWS\System32\OneCoreUAPCommonProxyStub.dll
2017-08-01 02:31:49 212384 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2017-08-01 02:31:01 176024 ----a-w- C:\WINDOWS\SysWow64\basecsp.dll
2017-08-01 02:30:52 315288 ----a-w- C:\WINDOWS\System32\WerFault.exe
2017-08-01 02:30:50 143736 ----a-w- C:\WINDOWS\System32\WerFaultSecure.exe
2017-08-01 02:30:25 723680 ----a-w- C:\WINDOWS\System32\wer.dll
2017-08-01 02:30:21 82336 ----a-w- C:\WINDOWS\System32\drivers\vmbkmcl.sys
2017-08-01 02:30:18 410160 ----a-w- C:\WINDOWS\System32\Faultrep.dll
2017-08-01 02:30:16 182688 ----a-w- C:\WINDOWS\System32\wermgr.exe
2017-08-01 02:30:09 411040 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2017-08-01 02:26:58 204192 ----a-w- C:\WINDOWS\System32\basecsp.dll
2017-08-01 02:20:54 404480 ----a-w- C:\WINDOWS\SysWow64\werui.dll
2017-08-01 02:20:40 154624 ----a-w- C:\WINDOWS\SysWow64\DWWIN.EXE
2017-08-01 02:20:33 2956288 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2017-08-01 02:18:16 13841408 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2017-08-01 02:18:13 2199552 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
2017-08-01 02:17:02 34816 ----a-w- C:\WINDOWS\SysWow64\tokenbinding.dll
2017-08-01 02:16:16 80896 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2017-08-01 02:14:09 35840 ----a-w- C:\WINDOWS\SysWow64\sscore.dll
2017-08-01 02:13:31 127488 ----a-w- C:\WINDOWS\SysWow64\fdeploy.dll
2017-08-01 02:13:30 20504064 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2017-08-01 02:13:12 364032 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2017-08-01 02:12:28 229888 ----a-w- C:\WINDOWS\SysWow64\scksp.dll
2017-08-01 02:10:19 358400 ----a-w- C:\WINDOWS\SysWow64\ieproxy.dll
2017-08-01 02:09:58 394240 ----a-w- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
2017-08-01 02:08:54 267264 ----a-w- C:\WINDOWS\SysWow64\ncryptprov.dll
2017-08-01 02:07:57 2671616 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2017-08-01 02:07:54 5961728 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2017-08-01 02:06:46 798208 ----a-w- C:\WINDOWS\SysWow64\TokenBroker.dll
2017-08-01 02:04:40 6269440 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2017-08-01 02:04:32 3656192 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2017-08-01 01:57:22 23677952 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2017-08-01 01:45:44 3670016 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2017-08-01 01:45:28 462848 ----a-w- C:\WINDOWS\System32\werui.dll
2017-08-01 01:45:03 92672 ----a-w- C:\WINDOWS\System32\wercplsupport.dll
2017-08-01 01:45:02 1275392 ----a-w- C:\WINDOWS\System32\werconcpl.dll
2017-08-01 01:44:53 184320 ----a-w- C:\WINDOWS\System32\DWWIN.EXE
2017-08-01 01:44:49 77824 ----a-w- C:\WINDOWS\System32\wsqmcons.exe
2017-08-01 01:44:32 83968 ----a-w- C:\WINDOWS\System32\drivers\vmbkmclr.sys
2017-08-01 01:42:55 2199552 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
2017-08-01 01:41:48 42496 ----a-w- C:\WINDOWS\System32\tokenbinding.dll
2017-08-01 01:41:47 130560 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2017-08-01 01:41:36 180736 ----a-w- C:\WINDOWS\System32\drivers\rfcomm.sys
2017-08-01 01:41:04 110592 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2017-08-01 01:40:59 17366528 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2017-08-01 01:40:35 290816 ----a-w- C:\WINDOWS\System32\dmenterprisediagnostics.dll
2017-08-01 01:39:04 46592 ----a-w- C:\WINDOWS\System32\sscore.dll
2017-08-01 01:38:49 143872 ----a-w- C:\WINDOWS\System32\profsvcext.dll
2017-08-01 01:38:21 153088 ----a-w- C:\WINDOWS\System32\fdeploy.dll
2017-08-01 01:37:53 433664 ----a-w- C:\WINDOWS\System32\msIso.dll
2017-08-01 01:37:29 582656 ----a-w- C:\WINDOWS\System32\SmsRouterSvc.dll
2017-08-01 01:37:09 255488 ----a-w- C:\WINDOWS\System32\scksp.dll
2017-08-01 01:35:14 692736 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2017-08-01 01:34:37 805888 ----a-w- C:\WINDOWS\System32\ieproxy.dll
2017-08-01 01:33:49 1269760 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2017-08-01 01:33:28 315904 ----a-w- C:\WINDOWS\System32\ncryptprov.dll
2017-08-01 01:32:47 7336960 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2017-08-01 01:32:37 176640 ----a-w- C:\WINDOWS\System32\wersvc.dll
2017-08-01 01:31:25 4445696 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2017-08-01 01:31:03 1396736 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2017-08-01 01:30:43 8209920 ----a-w- C:\WINDOWS\System32\Chakra.dll
2017-08-01 01:30:42 303104 ----a-w- C:\WINDOWS\System32\srvsvc.dll
2017-08-01 01:30:27 1052160 ----a-w- C:\WINDOWS\System32\TokenBroker.dll
2017-08-01 01:30:18 2055168 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2017-08-01 01:30:09 3377664 ----a-w- C:\WINDOWS\System32\tquery.dll
2017-08-01 01:28:51 2516480 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2017-08-01 01:28:43 4730368 ----a-w- C:\WINDOWS\System32\jscript9.dll
2017-08-01 01:27:25 574464 ----a-w- C:\WINDOWS\System32\configmanager2.dll
2017-08-01 01:27:05 482816 ----a-w- C:\WINDOWS\System32\dmenrollengine.dll
2017-08-01 01:26:03 323584 ----a-w- C:\WINDOWS\System32\DeviceEnroller.exe
2017-08-01 01:25:46 249344 ----a-w- C:\WINDOWS\System32\coredpus.dll
2017-08-01 01:25:41 194048 ----a-w- C:\WINDOWS\System32\mdmregistration.dll
2017-08-01 01:25:41 140800 ----a-w- C:\WINDOWS\System32\dmcsps.dll
2017-07-31 15:15:09 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-07-31 15:15:09 177648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-07-28 05:30:35 1068720 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
2017-07-28 05:25:32 2399728 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2017-07-28 05:24:52 119904 ----a-w- C:\WINDOWS\System32\dmcmnutils.dll
2017-07-28 05:24:42 116280 ----a-w- C:\WINDOWS\System32\bcd.dll
2017-07-28 05:24:38 2327456 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
.
============= FINISH: 17:01:27.74 ===============
Here is my problem:
A couple of months ago I lost the ability to open Mozilla Firefox. My personal profile was missing or inaccessible. It doesn't even recognize my default personal profile number or code. When I went to my C drive and opened some folders, I received a message that my personal profile folder was actually EMPTY. My internet experiences in IE 11 have been pretty choppy the last few months.
A week or so ago, I finally consulted another help firm, and it ran a very extensive scan. I will summarize the help site's conclusions. As part of a small Wi-Fi network that includes my desktop computer and a laptop in another part of my house, it seems that unwanted "others" are also part of my network. AND, I have something called "Clampi" on my network, a specialized form of "network malware" that personal anti-malware such as Norton, Malwarebytes, Superantispyware, and Spyware Blaster have not picked up, because I was told Scampi is network malware.
I was told that my desktop computer and laptop are not themselves infected, but that the network we use, is. I'm being advised to purchase-at a hefty fee-network anti-malware, and that Mozilla might start working, again, once I have it installed. I often can't even open certain Norton Security news alerts and most of my downloaded files in my Documents and Download files (unless they are photos or pictures or art) because the Mozilla icon is attached to them and I get a message saying that my Mozilla default identity isn't working or Mozilla can't be located. And yet, I have it on my system
Frankly, I don't know what to think. Apparently, this "Clampi" began its rounds across the world a couple of months ago, about the time my Mozilla couldn't be opened. If there is a less expensive alternative to this nightmare, I would be open to it. I don't even know if the help site is correct in its diagnosis. They did an extensive diagnostic job on line for me, though. I also found that my Malwarebytes program couldn't be opened for a while. But, as soon as I have contacted the Malwarebytes Help Desk for assistance on that matter, it seemed to resolve itself. Someone listening in, maybe?
We don't run a business on our home computers, although we have done some financial communication and transactions. So far, they don't seem to have been compromised. You'd think they would be, by now. Perhaps the sites we utilize have strong safety features.
Anyway, here is the dds file and the attach file. I don't know how to zip it up before attaching it. Thanks for your help.
COPY/PASTE DDS:
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.15063.0
Run by samar_000 at 17:00:29 on 2017-09-10
Microsoft Windows 10 Home 10.0.15063.0.1252.1.1033.18.8130.4559 [GMT -4:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security *Enabled* {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservice -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
C:\WINDOWS\system32\WLANExt.exe
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -s PolicyAgent
c:\windows\system32\svchost.exe -k netsvcs -s IKEEXT
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\Program Files (x86)\APC\PowerChute Personal Edition\mainserv.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\Windows\SysWOW64\AsHookDevice.exe
C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
C:\Program Files\Intel\iCLS Client\HeciServer.exe
C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe
C:\Windows\system32\IProsetMonitor.exe
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
C:\WINDOWS\system32\lxeccoms.exe
C:\Windows\system32\mfevtps.exe
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe
C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
C:\Program Files\Common Files\McAfee\SystemCore\mfefire.exe
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
C:\Program Files\CyberLink\Shared files\RichVideo64.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
C:\Program Files\TrueKey\McTkSchedulerService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -s Browser
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
c:\windows\system32\svchost.exe -k localservice -s LicenseManager
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SensorService
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s Netman
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\NIS.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DsSvc
c:\windows\system32\svchost.exe -k netsvcs -s seclogon
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -s lmhosts
C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\NIS.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\Program Files (x86)\ASUS\ASUS Manager\Ai Charger II\Ai_ChargerII_TrayIcon(ASUS_Manager).exe
C:\Program Files (x86)\ASUS\ASUS Manager\AsHKService.exe
C:\Program Files (x86)\ASUS\ASUS Manager\Lighting\ASUS_Manager_Lighting.exe
C:\Program Files\ASUS\Built-in UPS\Built-in UPS.exe
C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DT_NFCExpressDesktops.exe
C:\Program Files (x86)\ASUS\ASUS Manager\Application Update\ASUSUpdateChecker.exe
C:\Program Files (x86)\InstallShield Installation Information\{9AF45D7C-34F1-4BA0-B799-825C8C04494C}\AiChargerDT.exe
C:\Program Files (x86)\ASUS\ASUS Manager\NFC Express Desktops\DTNFCServer.exe
C:\Program Files (x86)\ASUS\ASUS Manager\Power Manager\Power Manager_background.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.19.856.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe
C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
C:\Users\samar_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\APC\PowerChute Personal Edition\apcsystray.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Users\samar_000\AppData\Roaming\AVAST Software\Browser Cleanup\BCUSched.exe
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localservice -s SstpSvc
c:\windows\system32\svchost.exe -k netsvcs -s RasMan
C:\WINDOWS\system32\svchost.exe -k netsvcs -s gpsvc
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -s wlidsvc
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -s WdiSystemHost
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.10.1.10\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\office15\grooveex.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.10.1.10\coIEPlg.dll
TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [OneDrive] "C:\Users\samar_000\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
mRun: [ASUSPRP] "C:\Program Files (x86)\ASUS\APRP\APRP.EXE"
mRun: [ASUSWebStorage] C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSPanel.exe /S
mRun: [RemoteControl10] "C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe"
mRun: [Display] C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
StartupFolder: C:\Users\SAMAR_~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\Startup\APCUPS~1.LNK - C:\Program Files (x86)\APC\PowerChute Personal Edition\Display.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office 15\Root\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office 15\Root\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\office15\ochelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 209.18.47.61 209.18.47.62
TCP: Interfaces\{7283d1fa-c566-4c0d-87d9-74e4a31ebd94} : DHCPNameServer = 209.18.47.61 209.18.47.62
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: True Key Helper: {0F4B8786-5502-4803-8EBC-F652A1153BB6} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\coIEPlg.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\coIEPlg.dll
x64-TB: True Key: {4BAAC1B8-0800-42C9-8FA6-08B211F356B8} - C:\Program Files\Intel Security\True Key\MSIE\truekey_ie64.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /MAXX4
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [lxecmon.exe] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\lxecmon.exe"
x64-Run: [EzPrint] "C:\Program Files (x86)\Lexmark Pro800-Pro900 Series\ezprint.exe"
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [ShadowPlay] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Malwarebytes TrayApp] C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\mbamtray.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\60.0.3112.113\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
================= FIREFOX ===================
.
FF - ProfilePath -
.
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2015-6-4 73976]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2013-11-11 644968]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-3-18 74840]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-3-18 49568]
R0 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MBAMChameleon.sys [2017-1-26 188352]
R0 mfehidk;McAfee Inc. mfehidk;C:\WINDOWS\System32\drivers\mfehidk.sys [2013-7-24 786296]
R0 mfewfpk;McAfee Inc. mfewfpk;C:\WINDOWS\System32\drivers\mfewfpk.sys [2013-7-24 348552]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symefasi64.sys [2017-9-1 1868416]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-3-18 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-3-18 70232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-3-18 18520]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-3-18 208288]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-3-18 239616]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\BASHDefs\20170906.001\BHDrvx64.sys [2017-9-9 1862816]
R1 ccSet_NIS;NIS Settings Manager;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ccsetx64.sys [2017-9-1 187520]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2017-1-26 77376]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-3-18 54272]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-3-18 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.0.124\Definitions\IPSDefs\20170909.001\IDSvia64.sys [2017-9-9 1056920]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ironx64.sys [2017-9-1 301288]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symnets.sys [2017-9-1 566912]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [2014-7-22 173472]
R2 APC Data Service;APC Data Service;C:\Program Files (x86)\APC\PowerChute Personal Edition\dataserv.exe [2012-1-24 21880]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.00.19\atkexComSvc.exe [2014-2-28 920736]
R2 Asus WebStorage Windows Service;Asus WebStorage Windows Service;C:\Program Files (x86)\ASUS\WebStorage Sync Agent\1.1.18.159\AsusWSWinService.exe [2012-12-19 72192]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R2 CDPUserSvc_1dab56a4;Connected Devices Platform User Service_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2014-11-16 3042544]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2017-3-18 14336]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2017-3-18 47664]
R2 Device Handle Service;Device Handle Service;C:\Windows\SysWOW64\AsHookDevice.exe [2014-2-28 207160]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2017-3-18 47664]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-1-23 1858048]
R2 GfExperienceService;NVIDIA GeForce Experience Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\GfExperienceService.exe [2015-10-16 1156384]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2013-8-7 15720]
R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2013-5-11 733696]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2013-7-9 195336]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-2-28 169432]
R2 lxec_device;lxec_device;C:\WINDOWS\System32\lxeccoms.exe -service --> C:\WINDOWS\System32\lxeccoms.exe -service [?]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2017-1-26 4470736]
R2 mfefire;McAfee Firewall Core Service;C:\Program Files\Common Files\mcafee\systemcore\mfefire.exe [2013-11-11 219752]
R2 mfevtp;McAfee Validation Trust Protection Service;C:\WINDOWS\System32\mfevtps.exe [2013-11-11 189912]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\22.10.1.10\nis.exe [2017-9-1 326144]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-3-3 458176]
R2 NvNetworkService;NVIDIA Network Service;C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [2015-10-16 1873696]
R2 NvStreamSvc;NVIDIA Streamer Service;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamService.exe [2015-10-16 5568288]
R2 OneSyncSvc_1dab56a4;Sync Host_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 RichVideo64;Cyberlink RichVideo64 Service(CRVS);C:\Program Files\CyberLink\Shared files\RichVideo64.exe [2013-11-11 390632]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2017-7-13 336320]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-3-18 79872]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R2 TrueKey;Intel Security True Key;C:\Program Files\TrueKey\McAfee.TrueKey.Service.exe [2017-7-6 1001920]
R2 TrueKeyScheduler;Intel Security True Key Scheduler;C:\Program Files\TrueKey\McTkSchedulerService.exe [2016-5-2 16928]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-7-13 142752]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 WpnUserService_1dab56a4;Windows Push Notifications User Service_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 AmUStor;AM USB Stroage Driver;C:\WINDOWS\System32\drivers\AmUStor.sys [2013-7-5 98984]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2017-8-10 97280]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-3-18 53664]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-7-1 158336]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2017-1-27 101784]
R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2017-1-26 45472]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2017-1-26 253856]
R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2017-1-26 93600]
R3 mfeavfk;McAfee Inc. mfeavfk;C:\WINDOWS\System32\drivers\mfeavfk.sys [2013-7-24 313544]
R3 mfefirek;McAfee Inc. mfefirek;C:\WINDOWS\System32\drivers\mfefirek.sys [2013-7-24 523792]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-3-18 20992]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2015-10-16 50472]
R3 PimIndexMaintenanceSvc_1dab56a4;Contact Data_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 RtkBtFilter;Realtek Bluetooth Filter Driver;C:\WINDOWS\System32\drivers\RtkBtfilter.sys [2016-2-25 607488]
R3 RTWlanE;Realtek Wireless LAN 802.11n PCI-E Network Adapter;C:\WINDOWS\System32\drivers\rtwlane.sys [2017-5-3 6804480]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R3 TokenBroker;TokenBroker;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-3-18 29600]
R3 UnistoreSvc_1dab56a4;User Data Storage_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 UserDataSvc_1dab56a4;User Data Access_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-7-13 757248]
S0 mfeelamk;McAfee Inc. mfeelamk;C:\WINDOWS\System32\drivers\mfeelamk.sys [2013-7-24 70600]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symelam.sys [2017-9-1 24608]
S2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-3-18 12288]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2017-3-18 47664]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-3-18 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-3-18 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-3-18 17920]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2017-3-18 47664]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-3-18 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-3-18 47664]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-3-18 39424]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-3-18 122880]
S3 cfwids;McAfee Inc. cfwids;C:\WINDOWS\System32\drivers\cfwids.sys [2013-7-24 72128]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-3-18 347032]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-3-18 2104224]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 DevicesFlowUserSvc_1dab56a4;DevicesFlow_1dab56a4;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-3-18 47664]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-3-18 86528]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-3-18 47664]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-3-18 21504]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-3-18 51104]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-3-18 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-3-18 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-3-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-3-18 85504]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-3-18 165376]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-3-18 168448]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-3-18 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-3-18 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-3-18 673184]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-3-18 526240]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-3-18 36864]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2013-5-11 822232]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-3-18 123808]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-3-18 103328]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-3-18 405408]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-3-18 51104]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-3-18 64416]
S3 MessagingService_1dab56a4;MessagingService_1dab56a4;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-3-18 842656]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-3-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-3-18 122368]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-6-15 118784]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-3-18 80896]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-3-18 58784]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-3-18 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-3-18 1735584]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-3-18 936864]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-3-18 47664]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-3-18 91040]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-3-18 31128]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-3-18 1284608]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-3-18 154016]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-3-18 47664]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-3-18 40352]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2017-3-18 891904]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-3-18 95648]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-3-18 36760]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-3-18 302592]
S3 TrueKeyServiceHelper;Intel Security True Key Helper Service;C:\Program Files\TrueKey\McAfee.TrueKey.ServiceHelper.exe [2017-7-6 87760]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-3-18 104448]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-3-18 179200]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-8-10 51712]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-3-18 45568]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-3-18 263584]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-3-18 98712]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-3-18 138656]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-3-18 29600]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-3-18 59288]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-3-18 28064]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-3-18 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-3-18 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-3-18 72192]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-3-18 121248]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-3-18 342264]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-3-18 47664]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-3-18 32160]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-3-18 217088]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-3-18 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 wlpasvc;LPA Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-6-15 277504]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-3-18 46592]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-09-01 04:18:27 566912 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symnets.sys
2017-09-01 04:18:27 49304 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\srtspx64.sys
2017-09-01 04:18:27 24608 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symelam.sys
2017-09-01 04:18:27 1868416 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\symefasi64.sys
2017-09-01 04:18:26 810136 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\srtsp64.sys
2017-09-01 04:18:25 301288 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ironx64.sys
2017-09-01 04:18:25 187520 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A\ccsetx64.sys
2017-09-01 04:17:54 -------- d-----w- C:\WINDOWS\System32\drivers\NISx64\160A010.00A
.
==================== Find3M ====================
.
2017-09-10 19:57:16 93600 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2017-08-28 07:24:16 101784 ----a-w- C:\WINDOWS\System32\drivers\farflt.sys
2017-08-28 07:24:15 45472 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2017-08-28 07:24:14 253856 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2017-08-01 02:39:54 8319392 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2017-08-01 02:38:47 406544 ----a-w- C:\WINDOWS\SysWow64\policymanager.dll
2017-08-01 02:38:08 382368 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys
2017-08-01 02:36:56 119712 ----a-w- C:\WINDOWS\System32\drivers\tdx.sys
2017-08-01 02:36:49 323488 ----a-w- C:\WINDOWS\apppatch\AcRes.dll
2017-08-01 02:36:29 750496 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2017-08-01 02:35:13 280472 ----a-w- C:\WINDOWS\SysWow64\WerFault.exe
2017-08-01 02:35:09 133904 ----a-w- C:\WINDOWS\SysWow64\WerFaultSecure.exe
2017-08-01 02:34:39 610584 ----a-w- C:\WINDOWS\SysWow64\wer.dll
2017-08-01 02:34:36 359552 ----a-w- C:\WINDOWS\SysWow64\Faultrep.dll
2017-08-01 02:34:32 349600 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2017-08-01 02:34:32 168864 ----a-w- C:\WINDOWS\SysWow64\wermgr.exe
2017-08-01 02:33:57 473240 ----a-w- C:\WINDOWS\System32\policymanager.dll
2017-08-01 02:32:37 2444704 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-08-01 02:32:23 712600 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2017-08-01 02:32:04 820128 ----a-w- C:\WINDOWS\System32\WWAHost.exe
2017-08-01 02:31:56 5477088 ----a-w- C:\WINDOWS\System32\OneCoreUAPCommonProxyStub.dll
2017-08-01 02:31:49 212384 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2017-08-01 02:31:01 176024 ----a-w- C:\WINDOWS\SysWow64\basecsp.dll
2017-08-01 02:30:52 315288 ----a-w- C:\WINDOWS\System32\WerFault.exe
2017-08-01 02:30:50 143736 ----a-w- C:\WINDOWS\System32\WerFaultSecure.exe
2017-08-01 02:30:25 723680 ----a-w- C:\WINDOWS\System32\wer.dll
2017-08-01 02:30:21 82336 ----a-w- C:\WINDOWS\System32\drivers\vmbkmcl.sys
2017-08-01 02:30:18 410160 ----a-w- C:\WINDOWS\System32\Faultrep.dll
2017-08-01 02:30:16 182688 ----a-w- C:\WINDOWS\System32\wermgr.exe
2017-08-01 02:30:09 411040 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2017-08-01 02:26:58 204192 ----a-w- C:\WINDOWS\System32\basecsp.dll
2017-08-01 02:20:54 404480 ----a-w- C:\WINDOWS\SysWow64\werui.dll
2017-08-01 02:20:40 154624 ----a-w- C:\WINDOWS\SysWow64\DWWIN.EXE
2017-08-01 02:20:33 2956288 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2017-08-01 02:18:16 13841408 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
2017-08-01 02:18:13 2199552 ----a-w- C:\WINDOWS\SysWow64\Windows.UI.Xaml.Resources.dll
2017-08-01 02:17:02 34816 ----a-w- C:\WINDOWS\SysWow64\tokenbinding.dll
2017-08-01 02:16:16 80896 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2017-08-01 02:14:09 35840 ----a-w- C:\WINDOWS\SysWow64\sscore.dll
2017-08-01 02:13:31 127488 ----a-w- C:\WINDOWS\SysWow64\fdeploy.dll
2017-08-01 02:13:30 20504064 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2017-08-01 02:13:12 364032 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2017-08-01 02:12:28 229888 ----a-w- C:\WINDOWS\SysWow64\scksp.dll
2017-08-01 02:10:19 358400 ----a-w- C:\WINDOWS\SysWow64\ieproxy.dll
2017-08-01 02:09:58 394240 ----a-w- C:\WINDOWS\SysWow64\Windows.Internal.Management.dll
2017-08-01 02:08:54 267264 ----a-w- C:\WINDOWS\SysWow64\ncryptprov.dll
2017-08-01 02:07:57 2671616 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2017-08-01 02:07:54 5961728 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2017-08-01 02:06:46 798208 ----a-w- C:\WINDOWS\SysWow64\TokenBroker.dll
2017-08-01 02:04:40 6269440 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2017-08-01 02:04:32 3656192 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2017-08-01 01:57:22 23677952 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2017-08-01 01:45:44 3670016 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2017-08-01 01:45:28 462848 ----a-w- C:\WINDOWS\System32\werui.dll
2017-08-01 01:45:03 92672 ----a-w- C:\WINDOWS\System32\wercplsupport.dll
2017-08-01 01:45:02 1275392 ----a-w- C:\WINDOWS\System32\werconcpl.dll
2017-08-01 01:44:53 184320 ----a-w- C:\WINDOWS\System32\DWWIN.EXE
2017-08-01 01:44:49 77824 ----a-w- C:\WINDOWS\System32\wsqmcons.exe
2017-08-01 01:44:32 83968 ----a-w- C:\WINDOWS\System32\drivers\vmbkmclr.sys
2017-08-01 01:42:55 2199552 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
2017-08-01 01:41:48 42496 ----a-w- C:\WINDOWS\System32\tokenbinding.dll
2017-08-01 01:41:47 130560 ----a-w- C:\WINDOWS\System32\policymanagerprecheck.dll
2017-08-01 01:41:36 180736 ----a-w- C:\WINDOWS\System32\drivers\rfcomm.sys
2017-08-01 01:41:04 110592 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2017-08-01 01:40:59 17366528 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2017-08-01 01:40:35 290816 ----a-w- C:\WINDOWS\System32\dmenterprisediagnostics.dll
2017-08-01 01:39:04 46592 ----a-w- C:\WINDOWS\System32\sscore.dll
2017-08-01 01:38:49 143872 ----a-w- C:\WINDOWS\System32\profsvcext.dll
2017-08-01 01:38:21 153088 ----a-w- C:\WINDOWS\System32\fdeploy.dll
2017-08-01 01:37:53 433664 ----a-w- C:\WINDOWS\System32\msIso.dll
2017-08-01 01:37:29 582656 ----a-w- C:\WINDOWS\System32\SmsRouterSvc.dll
2017-08-01 01:37:09 255488 ----a-w- C:\WINDOWS\System32\scksp.dll
2017-08-01 01:35:14 692736 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2017-08-01 01:34:37 805888 ----a-w- C:\WINDOWS\System32\ieproxy.dll
2017-08-01 01:33:49 1269760 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2017-08-01 01:33:28 315904 ----a-w- C:\WINDOWS\System32\ncryptprov.dll
2017-08-01 01:32:47 7336960 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2017-08-01 01:32:37 176640 ----a-w- C:\WINDOWS\System32\wersvc.dll
2017-08-01 01:31:25 4445696 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2017-08-01 01:31:03 1396736 ----a-w- C:\WINDOWS\System32\wwansvc.dll
2017-08-01 01:30:43 8209920 ----a-w- C:\WINDOWS\System32\Chakra.dll
2017-08-01 01:30:42 303104 ----a-w- C:\WINDOWS\System32\srvsvc.dll
2017-08-01 01:30:27 1052160 ----a-w- C:\WINDOWS\System32\TokenBroker.dll
2017-08-01 01:30:18 2055168 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2017-08-01 01:30:09 3377664 ----a-w- C:\WINDOWS\System32\tquery.dll
2017-08-01 01:28:51 2516480 ----a-w- C:\WINDOWS\System32\diagtrack.dll
2017-08-01 01:28:43 4730368 ----a-w- C:\WINDOWS\System32\jscript9.dll
2017-08-01 01:27:25 574464 ----a-w- C:\WINDOWS\System32\configmanager2.dll
2017-08-01 01:27:05 482816 ----a-w- C:\WINDOWS\System32\dmenrollengine.dll
2017-08-01 01:26:03 323584 ----a-w- C:\WINDOWS\System32\DeviceEnroller.exe
2017-08-01 01:25:46 249344 ----a-w- C:\WINDOWS\System32\coredpus.dll
2017-08-01 01:25:41 194048 ----a-w- C:\WINDOWS\System32\mdmregistration.dll
2017-08-01 01:25:41 140800 ----a-w- C:\WINDOWS\System32\dmcsps.dll
2017-07-31 15:15:09 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-07-31 15:15:09 177648 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-07-28 05:30:35 1068720 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
2017-07-28 05:25:32 2399728 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2017-07-28 05:24:52 119904 ----a-w- C:\WINDOWS\System32\dmcmnutils.dll
2017-07-28 05:24:42 116280 ----a-w- C:\WINDOWS\System32\bcd.dll
2017-07-28 05:24:38 2327456 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
.
============= FINISH: 17:01:27.74 ===============