Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Virus Problem, Please Help

Hello, my computer is acting up (slower than a snail and sometimes, when I click on a program to open it, the whole screen turns almost white). Aside from that, people who go to my blog say that they are redirected to a page containing the words widgetserver.com. My visitors are complaining that they cannot get past that page, so I need help. I do not know enough to get rid of a redirect virus on my own. Your assistance will be greatly appreciated.

I have run dds and am enclosing the log.

Thank you so very much!

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.9600.19203
Run by Clotilde at 0:52:19 on 2018-12-13
Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.6072.1174 [GMT -7:00]
.
AV: Malwarebytes *Enabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: ESET Security *Enabled/Updated* {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
SP: ESET Security *Enabled/Updated* {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
SP: Malwarebytes *Enabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall *Enabled* {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}
.
============== Running Processes ===============
.
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\ESET\ESET Security\ekrn.exe
C:\Windows\system32\svchost.exe -k RPCSS
C:\Program Files\Hewlett-Packard\SimplePass\OmniServ.exe
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\igfxCUIService.exe
C:\Windows\system32\Hpservice.exe
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\WLANExt.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Windows\system32\DbxSvc.exe
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\SysWOW64\esif_uf.exe
C:\Program Files\Intel\WiFi\bin\EvtEng.exe
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
c:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe
C:\Program Files\Softland\novaPDF 8\Server\novapdfs.exe
C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Windows\System32\svchost.exe -k secsvcs
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\WUDFHost.exe
C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler.exe
C:\Program Files (x86)\AVG\Browser\Update\1.4.155.333\AVGBrowserCrashHandler64.exe
C:\Windows\system32\svchost.exe -k WbioSvcGroup
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe
C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
C:\Windows\system32\taskhost.exe
C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
C:\Windows\TEMP\DPTF\esif_assist.exe
C:\Program Files (x86)\NETGEAR\A6100\A6100.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\Hewlett-Packard\SimplePass\OPBHOBrokerDsktop.exe
C:\Program Files\Hewlett-Packard\SimplePass\ClientCore.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Windows\System32\rundll32.exe
C:\Windows\system32\igfxEM.exe
C:\Windows\system32\igfxHK.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
C:\Program Files\ESET\ESET Security\egui.exe
C:\Windows\system32\SearchIndexer.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
c:\Program Files (x86)\CyberLink\YouCam\YouCamService.exe
C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Anvsoft\Syncios\androidnotifier.exe
C:\Program Files (x86)\Anvsoft\Syncios\adb.exe
C:\Program Files (x86)\Microsoft Picture It! 7\Pip.exe
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\paint.net\PaintDotNet.exe
C:\Windows\splwow64.exe
C:\Program Files (x86)\Dropbox\Client\QtWebEngineProcess.exe
C:\Program Files (x86)\Wisdom-soft ScreenHunter 6.0 Free\ScreenHunter.exe
C:\Program Files (x86)\IrfanView\i_view32.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\NOTEPAD.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\notepad.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://google.com/
uDefault_Page_URL = hxxp://hp13.msn.com
mStart Page = about:blank
mDefault_Page_URL = hxxp://hp13.msn.com
BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
BHO: Evernote extension: {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
uRun: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
uRun: [Skype for Desktop] C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
uRun: [McAfeeSafeConnect] C:\Program Files (x86)\McAfee Safe Connect\McAfee Safe Connect.exe
mRun: [AccelerometerSysTrayApplet] C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerST.exe
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe"
mRun: [HP Software Update] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
mRun: [Microsoft Works Update Detection] C:\Program Files (x86)\Common Files\Microsoft Shared\Works Shared\WkUFind.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [Syncios device service] C:\Program Files (x86)\Anvsoft\Syncios\SynciosDeviceService.exe
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\MICROS~1.LNK - C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
StartupFolder: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\NETGEA~1.LNK - C:\Program Files (x86)\NETGEAR\A6100\RtlService.exe
mPolicies-Explorer: NoActiveDesktop = dword:1
mPolicies-Explorer: NoActiveDesktopChanges = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:5
mPolicies-System: ConsentPromptBehaviorUser = dword:3
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\\EvernoteIERes\AddNote.html
.
INFO: HKCU has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
.
INFO: HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
TCP: NameServer = 192.168.254.254
TCP: Interfaces\{C448E5AE-83C5-40EF-9876-08D07D2201C8} : DHCPNameServer = 192.168.254.254
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
AppInit_DLLs= C:\Program Files (x86)\KEYCRY~1\KEYCRY~3.DLL
SSODL: WebCheck - <orphaned>
LSA: Notification Packages = scecli C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter
mASetup: {438363A8-F486-4C37-834C-4955773CB3D3} - msiexec /fu {438363A8-F486-4C37-834C-4955773CB3D3} /qn
mASetup: {48F69C39-1356-4A7B-A899-70E3539D4982} - "C:\Program Files (x86)\AVG\Browser\Application\70.1.682.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-mStart Page = about:blank
x64-BHO: Windows Live ID Sign-in Helper: {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [BTMTrayAgent] rundll32.exe "C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll",TrayApp
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [ZAM] "C:\Program Files (x86)\Zemana AntiLogger\ZAM.exe" /minimized
x64-Run: [egui] "C:\Program Files\ESET\ESET Security\ecmds.exe" /launch /hide
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIERes\AddNote.html
.
INFO: x64-HKLM has more than 50 listed domains.
If you wish to scan all of them, select the 'Force scan all domains' option.
.
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
Hosts: 127.0.0.1 Spywareinfo.com
Hosts: 0.0.0.1 mssplus.mcafee.com
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Clotilde\AppData\Roaming\Mozilla\Firefox\Profiles\ph5zoyns.default-1539581929115\
FF - plugin: C:\Program Files\VideoLAN\VLC\npvlc.dll
.
============= SERVICES / DRIVERS ===============
.
R0 edevmon;edevmon;C:\Windows\System32\drivers\edevmon.sys [2018-11-29 107896]
R0 iaStorA;iaStorA;C:\Windows\System32\drivers\iaStorA.sys [2014-10-9 1398936]
R0 iaStorF;iaStorF;C:\Windows\System32\drivers\iaStorF.sys [2014-10-9 30360]
R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\Windows\System32\drivers\iusb3hcs.sys [2015-5-18 22800]
R1 CLVirtualDrive;CLVirtualDrive;C:\Windows\System32\drivers\CLVirtualDrive.sys [2015-7-31 91912]
R1 eamonm;eamonm;C:\Windows\System32\drivers\eamonm.sys [2018-11-29 143448]
R1 EpfwLWF;ESET Firewall;C:\Windows\System32\drivers\EpfwLWF.sys [2018-10-17 61528]
R1 epfwwfp;epfwwfp;C:\Windows\System32\drivers\epfwwfp.sys [2018-10-17 109864]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\Windows\System32\drivers\mbae64.sys [2018-10-6 152688]
R1 SASDIFSV;SASDIFSV;C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys [2011-7-22 14928]
R1 SASKUTIL;SASKUTIL;C:\Program Files\SUPERAntiSpyware\saskutil64.sys [2011-7-12 12368]
R1 ZAM;ZAM Helper Driver;C:\Windows\System32\drivers\zam64.sys [2018-12-7 203680]
R1 ZAM_Guard;ZAM Guard Driver;C:\Windows\System32\drivers\zamguard64.sys [2018-12-7 203680]
R2 !SASCORE;SAS Core Service;C:\Program Files\SUPERAntiSpyware\SASCore64.exe [2014-7-22 172344]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-7-5 83768]
R2 Bluetooth Device Monitor;Bluetooth Device Monitor;C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe [2014-12-4 1206648]
R2 Bluetooth Media Service;Bluetooth Media Service;C:\Program Files (x86)\Intel\Bluetooth\mediasrv.exe [2014-10-28 1710456]
R2 Bluetooth OBEX Service;Bluetooth OBEX Service;C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe [2014-10-28 1165688]
R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2018-3-26 107592]
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2018-3-26 128584]
R2 DbxSvc;DbxSvc;C:\Windows\System32\DbxSvc.exe [2018-11-28 51024]
R2 DiagTrack;Diagnostics Tracking Service;C:\Windows\System32\svchost.exe -k utcsvc [2009-7-13 27136]
R2 ekbdflt;ekbdflt;C:\Windows\System32\drivers\ekbdflt.sys [2018-10-17 50144]
R2 ekrn;ESET Service;C:\Program Files\ESET\ESET Security\ekrn.exe [2018-11-29 2302160]
R2 esifsvc;ESIF Upper Framework Service;C:\Windows\SysWOW64\esif_uf.exe [2015-7-31 1037568]
R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2014-8-21 99128]
R2 hpsrv;HP Service;C:\Windows\System32\hpservice.exe [2015-1-27 44680]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2014-6-9 35640]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2014-10-9 18584]
R2 iBtSiva;Intel Bluetooth Service;C:\Program Files (x86)\Intel\Bluetooth\ibtsiva.exe [2014-10-28 124520]
R2 igfxCUIService1.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\Windows\System32\igfxCUIService.exe [2015-5-18 344168]
R2 IntelUSBoverIP;IntelUSBoverIP;C:\Program Files\Intel Corporation\USB over IP\bin\UoipService.exe [2015-1-14 395744]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2014-11-10 158496]
R2 MBAMChameleon;MBAMChameleon;C:\Windows\System32\drivers\MbamChameleon.sys [2018-12-13 198512]
R3 A6100;NETGEAR A6100 WiFi Adapter;C:\Windows\System32\drivers\A6100.sys [2018-1-15 7694920]
R3 clwvd;CyberLink WebCam Virtual Driver;C:\Windows\System32\drivers\clwvd.sys [2015-7-31 41704]
R3 dptf_cpu;dptf_cpu;C:\Windows\System32\drivers\dptf_cpu.sys [2015-7-31 38720]
R3 ekrnEpfw;ESET Firewall Helper;C:\Program Files\ESET\ESET Security\ekrn.exe [2018-11-29 2302160]
R3 esif_lf;esif_lf;C:\Windows\System32\drivers\esif_lf.sys [2015-7-31 216360]
R3 iusb3hub;Intel(R) USB 3.0 Hub Driver;C:\Windows\System32\drivers\iusb3hub.sys [2015-5-18 387344]
R3 iusb3xhc;Intel(R) USB 3.0 eXtensible Host Controller Driver;C:\Windows\System32\drivers\iusb3xhc.sys [2015-5-18 797456]
R3 iwdbus;IWD Bus Enumerator;C:\Windows\System32\drivers\iwdbus.sys [2015-1-14 27000]
R3 keycrypt;keycrypt;C:\Windows\System32\drivers\KeyCrypt64.sys [2018-12-7 161408]
R3 MBAMFarflt;MBAMFarflt;C:\Windows\System32\drivers\farflt.sys [2018-12-13 126624]
R3 MBAMProtection;MBAMProtection;C:\Windows\System32\drivers\mbam.sys [2018-12-13 72536]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\Windows\System32\drivers\mbamswissarmy.sys [2018-12-13 261032]
R3 MBAMWebProtection;MBAMWebProtection;C:\Windows\System32\drivers\mwac.sys [2018-12-13 103760]
R3 RTL8167;Realtek 8167 NT Driver;C:\Windows\System32\drivers\Rt64win7.sys [2015-7-31 977624]
R3 SmbDrvI;SmbDrvI;C:\Windows\System32\drivers\Smb_driver_Intel.sys [2015-2-13 33448]
R3 usb3Hub;UoIP Hub;C:\Windows\System32\drivers\usb3Hub.sys [2015-1-14 212056]
S2 avast;%1!s! Update Service (avast);"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /svc --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [?]
S2 avg;%1!s! Update Service (avg);C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-10-4 165520]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-8-19 143144]
S3 aftap0901;AnchorFree TAP-Windows Adapter V9;C:\Windows\System32\drivers\aftap0901.sys [2018-3-6 48624]
S3 avastm;%1!s! Update Service (avastm);"C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe" /medsvc --> C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe [?]
S3 avgm;%1!s! Update Service (avgm);C:\Program Files (x86)\AVG\Browser\Update\AVGBrowserUpdate.exe [2018-10-4 165520]
S3 btmaux;Intel Bluetooth Auxiliary Service;C:\Windows\System32\drivers\btmaux.sys [2014-10-28 141624]
S3 btmhsf;btmhsf;C:\Windows\System32\drivers\btmhsf.sys [2014-11-26 1448248]
S3 btmlehid;Intel Bluetooth Low Energy HID Service;C:\Windows\System32\drivers\btmlehid.sys [2014-11-5 83768]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2015-8-19 143144]
S3 dmvsc;dmvsc;C:\Windows\System32\drivers\dmvsc.sys [2010-11-20 71168]
S3 fssfltr;fssfltr;C:\Windows\System32\drivers\fssfltr.sys [2016-8-16 58056]
S3 fsssvc;Windows Live Family Safety Service;C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2014-3-31 1512640]
S3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\Windows\System32\drivers\ibtusb.sys [2014-10-28 230128]
S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\Windows\System32\ieetwcollector.exe [2018-12-11 116224]
S3 intaud_WaveExtensible;Intel WiDi Audio Device;C:\Windows\System32\drivers\intelaud.sys [2015-1-14 38264]
S3 IntcDAud;Intel(R) Display Audio;C:\Windows\System32\drivers\IntcDAud.sys [2015-5-18 455440]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2014-5-13 887256]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;C:\Windows\System32\drivers\rdpvideominiport.sys [2015-5-14 19456]
S3 RTSPER;Realtek PCIE Card Reader - PER;C:\Windows\System32\drivers\RtsPer.sys [2015-7-31 781528]
S3 RTSUER;Realtek USB Card Reader - UER;C:\Windows\System32\drivers\RtsUer.sys [2015-7-31 377048]
S3 SmbDrv;SmbDrv;C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [2015-2-13 33448]
S3 terminpt;Microsoft Remote Desktop Input Driver;C:\Windows\System32\drivers\terminpt.sys [2015-5-14 29696]
S3 TsUsbFlt;TsUsbFlt;C:\Windows\System32\drivers\TsUsbFlt.sys [2015-5-14 57856]
S3 TsUsbGD;Remote Desktop Generic USB Device;C:\Windows\System32\drivers\TsUsbGD.sys [2015-5-14 30208]
S3 USBAAPL64;Apple Mobile USB Driver;C:\Windows\System32\drivers\usbaapl64.sys [2015-6-10 54784]
.
=============== Created Last 30 ================
.
2018-12-13 07:40:22 72536 ----a-w- C:\Windows\System32\drivers\mbam.sys
2018-12-13 07:40:07 198512 ----a-w- C:\Windows\System32\drivers\MbamChameleon.sys
2018-12-13 07:40:03 261032 ----a-w- C:\Windows\System32\drivers\mbamswissarmy.sys
2018-12-13 07:40:03 126624 ----a-w- C:\Windows\System32\drivers\farflt.sys
2018-12-13 07:40:02 103760 ----a-w- C:\Windows\System32\drivers\mwac.sys
2018-12-12 12:06:00 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2736.dll
2018-12-12 10:44:32 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2716.dll
2018-12-11 11:06:03 75888 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\offreg.2656.dll
2018-12-10 01:24:13 14845712 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8520961D-A24F-4C20-A1CD-EA950C82FFC9}\mpengine.dll
2018-12-07 10:23:14 203680 ----a-w- C:\Windows\System32\drivers\zam64.sys
2018-12-07 10:23:12 203680 ----a-w- C:\Windows\System32\drivers\zamguard64.sys
2018-12-07 10:22:51 161408 ----a-w- C:\Windows\System32\drivers\KeyCrypt64.sys
2018-12-07 10:22:44 -------- d-----w- C:\Program Files (x86)\KeyCryptSDK
2018-12-07 10:22:42 -------- d-----w- C:\Program Files (x86)\Zemana AntiLogger
2018-12-07 10:22:22 -------- d-----w- C:\Users\Clotilde\AppData\Local\Zemana
2018-12-07 06:37:59 51712 ----a-w- C:\Windows\System32\vmictimeprovider.dll
2018-12-07 06:36:55 634272 ----a-w- C:\Windows\System32\winload.exe
2018-12-04 19:50:22 255472 ----a-w- C:\Program Files (x86)\Internet Explorer\Plugins\nppdf32.dll
2018-12-02 06:21:47 334488 ----a-w- C:\Windows\System32\drivers\tmcomm.sys
2018-11-29 17:54:40 143448 ----a-w- C:\Windows\System32\drivers\eamonm.sys
2018-11-29 17:54:40 107896 ----a-w- C:\Windows\System32\drivers\edevmon.sys
2018-11-28 13:09:04 51024 ----a-w- C:\Windows\System32\DbxSvc.exe
2018-11-28 13:09:04 47792 ----a-w- C:\Windows\System32\drivers\dbx-dev.sys
2018-11-28 13:09:04 47792 ----a-w- C:\Windows\System32\drivers\dbx-canary.sys
2018-11-28 13:09:04 45752 ----a-w- C:\Windows\System32\drivers\dbx-stable.sys
2018-11-18 10:08:21 -------- d-----w- C:\NPE
.
==================== Find3M ====================
.
2018-12-13 07:38:15 152688 ----a-w- C:\Windows\System32\drivers\mbae64.sys
2018-12-06 03:48:46 842240 ----a-w- C:\Windows\SysWow64\FlashPlayerApp.exe
2018-12-06 03:48:46 175104 ----a-w- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
2018-12-06 02:39:38 3227648 ----a-w- C:\Windows\System32\win32k.sys
2018-11-28 22:02:47 12574720 ----a-w- C:\Windows\System32\wmploc.DLL
2018-11-28 22:02:45 5632 ----a-w- C:\Windows\System32\msdxm.ocx
2018-11-28 22:02:45 5632 ----a-w- C:\Windows\System32\dxmasf.dll
2018-11-28 22:02:44 9728 ----a-w- C:\Windows\System32\spwmp.dll
2018-11-28 21:50:18 12574208 ----a-w- C:\Windows\SysWow64\wmploc.DLL
2018-11-28 21:38:21 4608 ----a-w- C:\Windows\SysWow64\msdxm.ocx
2018-11-28 21:38:21 4608 ----a-w- C:\Windows\SysWow64\dxmasf.dll
2018-11-28 21:38:20 8192 ----a-w- C:\Windows\SysWow64\spwmp.dll
2018-11-27 01:33:44 592416 ------w- C:\Windows\System32\MpSigStub.exe
2018-11-15 01:51:22 498176 ----a-w- C:\Windows\SysWow64\vbscript.dll
2018-11-15 01:50:24 576512 ----a-w- C:\Windows\System32\vbscript.dll
2018-11-13 04:54:41 2724864 ----a-w- C:\Windows\System32\mshtml.tlb
2018-11-13 04:54:28 4096 ----a-w- C:\Windows\System32\ieetwcollectorres.dll
2018-11-13 04:41:00 66560 ----a-w- C:\Windows\System32\iesetup.dll
2018-11-13 04:40:17 48640 ----a-w- C:\Windows\System32\ieetwproxystub.dll
2018-11-13 04:40:11 417280 ----a-w- C:\Windows\System32\html.iec
2018-11-13 04:39:43 88064 ----a-w- C:\Windows\System32\MshtmlDac.dll
2018-11-13 04:35:33 5778944 ----a-w- C:\Windows\System32\jscript9.dll
2018-11-13 04:28:52 116224 ----a-w- C:\Windows\System32\ieetwcollector.exe
2018-11-13 04:28:51 144384 ----a-w- C:\Windows\System32\ieUnatt.exe
2018-11-13 04:28:31 814080 ----a-w- C:\Windows\System32\jscript9diag.dll
2018-11-13 04:26:14 2724864 ----a-w- C:\Windows\SysWow64\mshtml.tlb
2018-11-13 04:21:22 969216 ----a-w- C:\Windows\System32\MsSpellCheckingFacility.exe
2018-11-13 04:13:57 62464 ----a-w- C:\Windows\SysWow64\iesetup.dll
2018-11-13 04:13:15 47616 ----a-w- C:\Windows\SysWow64\ieetwproxystub.dll
2018-11-13 04:13:04 341504 ----a-w- C:\Windows\SysWow64\html.iec
2018-11-13 04:12:13 64000 ----a-w- C:\Windows\SysWow64\MshtmlDac.dll
2018-11-13 04:11:39 77824 ----a-w- C:\Windows\System32\JavaScriptCollectionAgent.dll
2018-11-13 04:11:17 87552 ----a-w- C:\Windows\System32\tdc.ocx
2018-11-13 04:03:59 115712 ----a-w- C:\Windows\SysWow64\ieUnatt.exe
2018-11-13 04:03:36 620032 ----a-w- C:\Windows\SysWow64\jscript9diag.dll
2018-11-13 03:51:15 60416 ----a-w- C:\Windows\SysWow64\JavaScriptCollectionAgent.dll
2018-11-13 03:50:50 73216 ----a-w- C:\Windows\SysWow64\tdc.ocx
2018-11-13 03:50:06 1359360 ----a-w- C:\Windows\System32\mshtmlmedia.dll
2018-11-13 03:49:59 2136064 ----a-w- C:\Windows\System32\inetcpl.cpl
2018-11-13 03:42:08 4494848 ----a-w- C:\Windows\SysWow64\jscript9.dll
2018-11-13 03:38:33 4859904 ----a-w- C:\Windows\System32\wininet.dll
2018-11-13 03:37:22 2059776 ----a-w- C:\Windows\SysWow64\inetcpl.cpl
2018-11-13 03:36:42 1155072 ----a-w- C:\Windows\SysWow64\mshtmlmedia.dll
2018-11-13 03:18:56 4386816 ----a-w- C:\Windows\SysWow64\wininet.dll
2018-11-11 17:19:16 631680 ----a-w- C:\Windows\System32\winresume.efi
2018-11-11 17:01:37 708328 ----a-w- C:\Windows\System32\winload.efi
2018-11-11 17:01:36 366824 ----a-w- C:\Windows\System32\drivers\msrpc.sys
2018-11-11 17:01:35 5551848 ----a-w- C:\Windows\System32\ntoskrnl.exe
2018-11-11 17:01:15 154856 ----a-w- C:\Windows\System32\drivers\ksecpkg.sys
2018-11-11 17:01:04 95464 ----a-w- C:\Windows\System32\drivers\ksecdd.sys
2018-11-11 17:00:27 1664360 ----a-w- C:\Windows\System32\ntdll.dll
2018-11-11 16:57:40 44032 ----a-w- C:\Windows\System32\csrsrv.dll
2018-11-11 16:49:44 4054760 ----a-w- C:\Windows\SysWow64\ntkrnlpa.exe
2018-11-11 16:49:09 3960040 ----a-w- C:\Windows\SysWow64\ntoskrnl.exe
2018-11-11 16:47:23 1314104 ----a-w- C:\Windows\SysWow64\ntdll.dll
2018-11-11 16:44:39 17408 ----a-w- C:\Windows\SysWow64\credssp.dll
2018-11-11 16:25:14 148480 ----a-w- C:\Windows\System32\appidpolicyconverter.exe
2018-11-11 16:25:10 62464 ----a-w- C:\Windows\System32\drivers\appid.sys
2018-11-11 16:25:10 17920 ----a-w- C:\Windows\System32\appidcertstorecheck.exe
2018-11-11 16:24:20 64000 ----a-w- C:\Windows\System32\auditpol.exe
2018-11-11 16:20:50 338432 ----a-w- C:\Windows\System32\conhost.exe
2018-11-11 16:20:16 129024 ----a-w- C:\Windows\System32\drivers\videoprt.sys
2018-11-11 16:19:49 296960 ----a-w- C:\Windows\System32\rstrui.exe
2018-11-11 16:19:32 50176 ----a-w- C:\Windows\SysWow64\auditpol.exe
2018-11-11 16:16:39 160768 ----a-w- C:\Windows\System32\drivers\mrxsmb.sys
2018-11-11 16:16:08 291328 ----a-w- C:\Windows\System32\drivers\mrxsmb10.sys
2018-11-11 16:16:06 129536 ----a-w- C:\Windows\System32\drivers\mrxsmb20.sys
2018-11-11 16:15:11 30720 ----a-w- C:\Windows\System32\lsass.exe
2018-11-11 16:15:08 25600 ----a-w- C:\Windows\SysWow64\setup16.exe
2018-11-11 16:15:07 14336 ----a-w- C:\Windows\SysWow64\ntvdm64.dll
2018-11-11 16:15:07 112640 ----a-w- C:\Windows\System32\smss.exe
2018-11-11 16:15:06 7680 ----a-w- C:\Windows\SysWow64\instnm.exe
2018-11-11 16:15:06 2048 ----a-w- C:\Windows\SysWow64\user.exe
2018-11-11 16:15:05 64512 ----a-w- C:\Windows\System32\drivers\amdk8.sys
2018-11-11 16:15:05 62464 ----a-w- C:\Windows\System32\drivers\intelppm.sys
2018-11-11 16:15:05 60928 ----a-w- C:\Windows\System32\drivers\processr.sys
2018-11-11 16:15:05 60928 ----a-w- C:\Windows\System32\drivers\amdppm.sys
2018-11-11 16:14:04 36352 ----a-w- C:\Windows\SysWow64\cryptbase.dll
2018-11-11 16:13:55 6144 ---ha-w- C:\Windows\SysWow64\api-ms-win-security-base-l1-1-0.dll
2018-11-11 16:13:55 4608 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-threadpool-l1-1-0.dll
2018-11-11 16:13:55 3584 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-xstate-l1-1-0.dll
2018-11-11 16:13:55 3072 ---ha-w- C:\Windows\SysWow64\api-ms-win-core-util-l1-1-0.dll
2018-11-11 01:25:57 516608 ----a-w- C:\Windows\System32\rpcss.dll
2018-11-11 01:25:52 26112 ----a-w- C:\Windows\System32\oleres.dll
2018-11-11 01:25:52 2072576 ----a-w- C:\Windows\System32\ole32.dll
2018-11-11 01:24:56 8704 ----a-w- C:\Windows\System32\comcat.dll
2018-11-11 01:10:52 26112 ----a-w- C:\Windows\SysWow64\oleres.dll
2018-11-11 01:10:51 1425920 ----a-w- C:\Windows\SysWow64\ole32.dll
2018-11-11 00:47:49 7168 ----a-w- C:\Windows\SysWow64\comcat.dll
2018-11-08 16:58:35 2048 ----a-w- C:\Windows\System32\msxml6r.dll
2018-11-08 16:58:35 2048 ----a-w- C:\Windows\System32\msxml3r.dll
2018-11-08 16:58:35 2009600 ----a-w- C:\Windows\System32\msxml6.dll
2018-11-08 16:58:35 1889280 ----a-w- C:\Windows\System32\msxml3.dll
2018-11-08 16:43:47 2048 ----a-w- C:\Windows\SysWow64\msxml6r.dll
2018-11-08 16:43:47 2048 ----a-w- C:\Windows\SysWow64\msxml3r.dll
2018-11-08 16:43:47 1391104 ----a-w- C:\Windows\SysWow64\msxml6.dll
2018-11-08 16:43:47 1241088 ----a-w- C:\Windows\SysWow64\msxml3.dll
2018-11-06 04:36:00 2048 ----a-w- C:\Windows\System32\tzres.dll
2018-11-06 04:20:48 2048 ----a-w- C:\Windows\SysWow64\tzres.dll
2018-10-27 03:42:17 28160 ----a-w- C:\Windows\System32\wshcon.dll
.
============= FINISH: 0:55:40.05 ===============
