Believe my computer may be remotely monitored or hacked

Old 05-28-2018, 05:14 PM   #1
Registered Member
 
Join Date: Jan 2006
Posts: 67
OS: Win7



I am a gamer and actively use Steam, and its games have a market that has exponentially become more and more active. Items are bought and sold, and these virtual items have a high value, which makes being targeted for attack commonplace.

My computer seems slower, and my FPS in CSGO is low considering I have a notebook with a 1080GTX (again, a notebook, but still nearly as powerful). When I tab in and out of the game it is very slow. I get error messages in my Steam developer console that Steam Tech could not really figure out. I have downloaded the files as instructed. I just want to put emphasis on the fact that it is possible I logged my Steam client in to a site that is not legit (all sites have you log in from Steam and are not officially Steam supported, which is the problem) and may be remotely hacked, which is maybe affecting our internet connection speeds (they are lower than usual) and making the system perform worse and a simple tab in/tab out much more difficult.

DDS: DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.171.2
Run by Dhop at 20:05:31 on 2018-05-28
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.16344.9761 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k netsvcs -p -s Eaphost
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s dot3svc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\System32\QcomWlanSrvx64.exe
C:\Windows\SysWoW64\MSIService.exe
C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe
C:\WINDOWS\SysWOW64\PnkBstrA.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\WINDOWS\system32\dashost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe
C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s XblAuthManager
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
C:\WINDOWS\System32\fontdrvhost.exe
C:\WINDOWS\System32\dwm.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17122.16211.1000_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe
C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorHelper.exe
C:\Program Files (x86)\SCM\SCM.exe
C:\Program Files (x86)\MSI\Dragon Center\Dragon Center.exe
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe
D:\Steam\Steam.exe
C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2svc32.exe
C:\Program Files\Nahimic\Nahimic2\UserInterface\x64\Nahimic2svc64.exe
C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\ProgramData\Razer\Synapse\RzStats\RzStats.Manager.exe
C:\Program Files (x86)\Razer\InGameEngine\32bit\RazerIngameEngine.exe
C:\Users\Dhop\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
C:\Users\Dhop\AppData\Local\razer\InGameEngine\cache\RzStats.Manager\RzCefRenderProcess.exe
C:\Windows\System32\GameBarPresenceWriter.exe
D:\Steam\GameOverlayUI.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\HWiNFO64\HWiNFO64.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
D:\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.9226.21755.0_x64__8wekyb3d8bbwe\HxTsr.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\servicing\TrustedInstaller.exe
C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.17134.1_none_eedfeda03074e04e\TiWorker.exe
C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s camsvc
C:\WINDOWS\system32\svchost.exe -k BcastDVRUserService -s BcastDVRUserService
C:\WINDOWS\system32\svchost.exe -k WbioSvcGroup -s WbioSrvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p -s NgcSvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\ssv.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_171\bin\jp2ssv.dll
uRun: [Steam] "D:\Steam\steam.exe" -silent
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\KILLER~1.LNK - C:\Program Files\Killer Networking\Killer Control Center\KillerControlCenter.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\STEELS~1.LNK - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{17115d41-d7bf-4d12-8eb4-5783a1c34781} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{cbe05159-42df-4a33-815b-81986682349f} : NameServer = 208.67.222.222,208.67.220.220
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [IAStorIcon] "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60
x64-Run: [MsiTrueColor] "C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColor.exe" startup_folder
x64-Run: [SCM] C:\Program Files (x86)\SCM\SCM.exe
x64-Run: [Nahimic2UILauncher] C:\Program Files\Nahimic\Nahimic2\UserInterface\Nahimic2UILauncher.exe /noUI
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\66.0.3359.181\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2016-1-25 795640]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 nvpciflt;nvpciflt;C:\WINDOWS\System32\DriverStore\FileRepository\nvmii.inf_amd64_4d8abe9533345283\nvpciflt.sys [2018-5-26 48384]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-4-11 72232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver;C:\WINDOWS\System32\drivers\HWiNFO64A.SYS [2017-7-29 27552]
R2 AtherosSvc;AtherosSvc;C:\Program Files (x86)\Bluetooth Suite\AdminService.exe [2016-9-7 338312]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_ed7af0;Connected Devices Platform User Service_ed7af0;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 Fabs;FABS - Helping agent for MAGIX media database;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\FABS.exe [2012-1-23 1858048]
R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2016-9-20 17976]
R2 iocbios2;iocbios2;C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\Drivers\IocDriver\64bit\iocbios2.sys [2016-8-25 37064]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2016-10-6 177440]
R2 Killer Network Service x64;Killer Network Service;C:\Program Files\Killer Networking\Killer Control Center\KillerNetworkService.exe [2017-11-10 2303680]
R2 Micro Star SCM;Micro Star SCM;C:\Windows\SysWOW64\MSIService.exe [2009-7-9 160768]
R2 MSI_ActiveX_Service;MSI_ActiveX_Service;C:\Program Files (x86)\MSI\Dragon Center\MSI_ActiveX_Service.exe [2017-4-24 62392]
R2 MSITrueColorService;MSI True Color Service by Portrait Displays;C:\Program Files\Portrait Displays\MSI True Color\MsiTrueColorService.exe [2016-9-9 180520]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-5-26 764352]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2018-5-26 764896]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2018-5-26 629696]
R2 OneSyncSvc_ed7af0;Sync Host_ed7af0;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 QcomWlanSrv;Qualcomm Atheros WLAN Driver Service;C:\WINDOWS\System32\QcomWlanSrvx64.exe [2017-11-10 220672]
R2 Razer Chroma SDK Server;Razer Chroma SDK Server;C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKServer.exe [2018-1-9 439936]
R2 Razer Chroma SDK Service;Razer Chroma SDK Service;C:\Program Files (x86)\Razer Chroma SDK\bin\RzSDKService.exe [2018-1-9 943232]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2018-3-14 189776]
R2 RfeCoSvc;RfeCoSvc;C:\WINDOWS\System32\drivers\RfeCo10X64.sys [2017-11-10 131816]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2018-5-4 44160]
R2 rzpnk;rzpnk;C:\WINDOWS\System32\drivers\rzpnk.sys [2017-7-29 140040]
R2 RzSurroundVADStreamingService;Razer Surround Audio Service;C:\ProgramData\Razer\Synapse\Devices\Razer Surround\Driver\RzSurroundVADStreamingService.exe [2018-1-8 4261344]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-4-11 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2017-5-17 279104]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_ed7af0;Windows Push Notifications User Service_ed7af0;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 XTU3SERVICE;Intel(R) Extreme Tuning Utility Service;C:\Program Files (x86)\Intel\Intel(R) Extreme Tuning Utility\XtuService.exe [2016-9-27 18232]
R3 BcastDVRUserService_ed7af0;GameDVR and Broadcast User Service_ed7af0;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
R3 BtFilter;BtFilter;C:\WINDOWS\System32\drivers\btfilter.sys [2016-9-6 605624]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 e2xw10x64;NDIS Miniport Driver for Killer PCI-E Gigabit Ethernet Controller;C:\WINDOWS\System32\drivers\e2xw10x64.sys [2017-10-30 165608]
R3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2017-1-5 217888]
R3 ICCWDT;Intel(R) Watchdog Timer Driver (Intel(R) WDT);C:\WINDOWS\System32\drivers\ICCWDT.sys [2015-10-30 38680]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-7 39920]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2018-5-26 67432]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2018-5-26 68112]
R3 PimIndexMaintenanceSvc_ed7af0;Contact Data_ed7af0;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 Qcamain10x64;Qualcomm Atheros Extensible Wireless LAN 11AC device driver;C:\WINDOWS\System32\drivers\Qcamain10x64.sys [2017-11-10 2328488]
R3 RTSPER;Realtek PCIE Card Reader - PER;C:\WINDOWS\System32\drivers\RtsPer.sys [2017-1-5 779232]
R3 rzendpt;rzendpt;C:\WINDOWS\System32\drivers\rzendpt.sys [2016-8-31 51736]
R3 RZSURROUNDVADService;Razer Surround Audio Service;C:\WINDOWS\System32\drivers\RzSurroundVAD.sys [2016-10-16 49176]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2016-8-31 204304]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-7-29 72768]
R3 ssdevfactory;SteelSeries Device Factory Service;C:\WINDOWS\System32\drivers\ssdevfactory.sys [2016-6-14 40568]
R3 sshid;SteelSeries HID Service;C:\WINDOWS\System32\drivers\sshid.sys [2017-6-29 45928]
R3 ssps2;SteelSeries PS/2 Keyboard;C:\WINDOWS\System32\drivers\ssps2.sys [2016-6-14 33896]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-4-11 29080]
R3 UnistoreSvc_ed7af0;User Data Storage_ed7af0;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_ed7af0;User Data Access_ed7af0;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-4-11 781824]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-4-25 61472]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.14.17639.18041-0\NisSrv.exe [2018-4-25 4632736]
R3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 Origin Web Helper Service;Origin Web Helper Service;C:\Program Files (x86)\Origin\OriginWebHelperService.exe [2017-7-29 3002728]
S2 RNDBWM;Rivet Dynamic Bandwidth Management;C:\Program Files\Killer Networking\Killer Control Center\RNDBWMService.exe [2017-11-10 64184]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-8-12 7013384]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_ed7af0;Bluetooth User Support Service_ed7af0;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevicePickerUserSvc_ed7af0;DevicePicker_ed7af0;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_ed7af0;DevicesFlow_ed7af0;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FirebirdServerMAGIXInstance;Firebird Server - MAGIX Instance;C:\Program Files (x86)\Common Files\MAGIX Services\Database\bin\fbserver.exe [2011-4-26 2702848]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2016-7-26 987432]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_ed7af0;MessagingService_ed7af0;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-5-26 764352]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-5-26 30656]
S3 Origin Client Service;Origin Client Service;C:\Program Files (x86)\Origin\OriginClientService.exe [2017-7-29 2123104]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_ed7af0;PrintWorkflow_ed7af0;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-4-11 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-4-11 945560]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-4-11 128416]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-5-18 976384]
S3 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-4-11 105376]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-4-11 48544]
S3 ThunderboltService;Thunderbolt(TM) Service;C:\Program Files (x86)\Intel\Thunderbolt Software\tbtsvc.exe [2016-8-15 2015968]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-4-11 292864]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S3 XtuAcpiDriver;Intel(R) Extreme Tuning Utility Device Service;C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [2016-8-18 54352]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-05-28 23:05:26 14600328 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{6B414784-37FB-4A54-A7A4-6627DE9F663D}\mpengine.dll
2018-05-26 16:55:50 -------- d-----w- C:\Users\Dhop\AppData\Local\NVIDIA
2018-05-26 16:55:12 2495936 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2018-05-26 16:55:12 2163648 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2018-05-26 16:55:12 1311680 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2018-05-26 16:48:45 904896 ----a-w- C:\WINDOWS\SysWow64\nvfatbinaryLoader.dll
2018-05-26 10:29:13 14600328 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-05-19 03:55:33 -------- d-----w- C:\Windows.old
2018-05-19 00:03:40 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2018-05-19 00:01:49 -------- d-sh--we C:\ProgramData\Documents
2018-05-18 23:59:36 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2018-05-18 23:59:29 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2018-05-18 23:59:29 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2018-05-18 23:57:31 552024 ----a-w- C:\WINDOWS\System32\OpenCL.dll
2018-05-18 23:57:31 456792 ----a-w- C:\WINDOWS\SysWow64\OpenCL.dll
2018-05-18 23:56:01 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2018-05-18 23:55:52 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2018-05-18 23:13:04 -------- d-----w- C:\WINDOWS\System32\Microsoft
2018-05-18 23:13:04 -------- d-----w- C:\WINDOWS\ServiceProfiles
2018-05-18 23:08:58 2700800 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2018-05-18 22:59:00 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2018-05-18 22:58:59 35456 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2018-05-18 22:58:59 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2018-05-18 22:58:58 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2018-05-18 22:58:57 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2018-05-18 22:58:56 35456 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2018-05-18 22:57:19 575488 ----a-w- C:\WINDOWS\SysWow64\XpsFilt.dll
2018-05-18 22:57:19 3398144 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe
2018-05-18 22:57:18 82432 ----a-w- C:\WINDOWS\SysWow64\XPSSHHDR.dll
2018-05-18 22:57:17 4492288 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe
2018-05-18 22:57:17 100352 ----a-w- C:\WINDOWS\System32\XPSSHHDR.dll
2018-05-18 22:57:16 925696 ----a-w- C:\WINDOWS\System32\XpsFilt.dll
2018-05-18 21:44:53 -------- dc----w- C:\WINDOWS\Panther
2018-05-04 18:14:32 44160 ----a-w- C:\WINDOWS\System32\drivers\rzpmgrk.sys
.
==================== Find3M ====================
.
2018-05-23 18:20:58 474040 ----a-w- C:\WINDOWS\System32\drivers\NVIDIA Corporation\Drs\dbInstaller.exe
2018-05-23 18:20:44 17784432 ----a-w- C:\WINDOWS\System32\nvcuda.dll
2018-05-23 18:20:40 15195248 ----a-w- C:\WINDOWS\SysWow64\nvcuda.dll
2018-05-23 18:20:38 4855208 ----a-w- C:\WINDOWS\System32\nvapi64.dll
2018-05-23 18:20:36 4125048 ----a-w- C:\WINDOWS\SysWow64\nvapi.dll
2018-05-22 22:00:54 68112 ----a-w- C:\WINDOWS\System32\drivers\nvvhci.sys
2018-05-22 22:00:54 67432 ----a-w- C:\WINDOWS\System32\drivers\nvvad64v.sys
2018-05-22 22:00:54 47648 ----a-w- C:\WINDOWS\System32\nvhdap64.dll
2018-05-22 22:00:54 227928 ----a-w- C:\WINDOWS\System32\drivers\nvhda64v.sys
2018-05-22 22:00:54 209192 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2018-05-22 22:00:54 1951 ----a-w- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2018-05-22 22:00:54 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat
2018-05-22 22:00:54 169256 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2018-05-22 22:00:54 1688848 ----a-w- C:\WINDOWS\System32\nvhdagenco6420103.dll
2018-05-22 20:09:28 132392 ----a-w- C:\WINDOWS\SysWow64\nvStreaming.exe
2018-05-22 19:58:00 2612520 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2018-05-22 19:57:59 5947328 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2018-05-22 19:57:29 1767360 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2018-05-22 19:57:28 450960 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2018-05-22 19:57:28 124200 ----a-w- C:\WINDOWS\System32\nvshext.dll
2018-05-22 19:57:26 83240 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2018-05-22 19:57:26 633984 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2018-05-22 06:43:13 8186102 ----a-w- C:\WINDOWS\System32\nvcoproc.bin
2018-05-18 23:08:58 2486976 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2018-05-09 02:38:09 141696960 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-05-01 21:22:36 835064 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-05-01 21:22:36 179704 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-04-25 22:17:29 61472 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-04-25 22:17:29 46072 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-04-25 22:17:29 313888 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-04-23 00:12:03 98760 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2018-04-20 15:30:40 828728 ----a-w- C:\WINDOWS\SysWow64\vulkan-1.dll
2018-04-20 15:30:40 828728 ----a-w- C:\WINDOWS\SysWow64\vulkan-1-999-0-0-0.dll
2018-04-20 15:30:24 591160 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe
2018-04-20 15:30:24 591160 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo-1-999-0-0-0.exe
2018-04-20 15:30:06 961336 ----a-w- C:\WINDOWS\System32\vulkan-1.dll
2018-04-20 15:30:06 961336 ----a-w- C:\WINDOWS\System32\vulkan-1-999-0-0-0.dll
2018-04-20 15:29:52 700728 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe
2018-04-20 15:29:52 700728 ----a-w- C:\WINDOWS\System32\vulkaninfo-1-999-0-0-0.exe
2018-04-12 09:14:26 6656 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
2018-04-12 09:14:23 11776 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
2018-04-12 09:14:19 3584 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
2018-04-11 23:36:40 208384 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2018-04-11 23:36:39 229376 ----a-w- C:\WINDOWS\System32\msclmd.dll
2018-04-11 23:34:59 96256 ----a-w- C:\WINDOWS\SysWow64\IdCtrls.dll
2018-04-11 23:33:58 956416 ----a-w- C:\WINDOWS\System32\WebcamUi.dll
2018-04-11 21:04:40 118272 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2018-04-11 21:04:39 141312 ----a-w- C:\WINDOWS\System32\poqexec.exe
2018-04-11 21:04:35 846744 ----a-w- C:\WINDOWS\System32\SmiEngine.dll
2018-04-11 21:04:35 795032 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2018-04-11 21:04:35 207872 ----a-w- C:\WINDOWS\System32\PkgMgr.exe
2018-04-11 21:04:35 141728 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2018-04-11 21:04:35 131488 ----a-w- C:\WINDOWS\System32\SSShim.dll
2018-04-11 21:04:35 110592 ----a-w- C:\WINDOWS\System32\NetDriverInstall.dll
2018-04-11 21:04:34 244640 ----a-w- C:\WINDOWS\System32\wdscore.dll
2018-04-11 07:08:00 387928 ----a-w- C:\WINDOWS\System32\wmpps.dll
2018-04-11 07:02:00 277424 ----a-w- C:\WINDOWS\System32\wmpeffects.dll
2018-04-11 06:44:00 571392 ----a-w- C:\WINDOWS\System32\quickassist.exe
2018-04-11 06:39:00 9137664 ----a-w- C:\WINDOWS\System32\wmploc.DLL
2018-04-11 06:39:00 906240 ----a-w- C:\WINDOWS\System32\sqlceqp40.dll
2018-04-11 06:39:00 7168 ----a-w- C:\WINDOWS\System32\msdxm.ocx
2018-04-11 06:39:00 7168 ----a-w- C:\WINDOWS\System32\dxmasf.dll
2018-04-11 06:39:00 517632 ----a-w- C:\WINDOWS\System32\sqlcese40.dll
2018-04-11 06:39:00 2560 ----a-w- C:\WINDOWS\System32\wmerror.dll
2018-04-11 06:39:00 254976 ----a-w- C:\WINDOWS\System32\unregmp2.exe
2018-04-11 06:39:00 215552 ----a-w- C:\WINDOWS\System32\wmpdxm.dll
2018-04-11 06:39:00 202240 ----a-w- C:\WINDOWS\System32\sqlceoledb40.dll
2018-04-11 06:39:00 137728 ----a-w- C:\WINDOWS\System32\sqlcecompact40.dll
2018-04-11 06:39:00 126464 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2018-04-11 06:39:00 11264 ----a-w- C:\WINDOWS\System32\spwmp.dll
2018-04-11 06:00:00 44032 ----a-w- C:\WINDOWS\System32\msdxm.tlb
2018-04-11 06:00:00 18944 ----a-w- C:\WINDOWS\System32\amcompat.tlb
2018-04-11 05:20:00 251096 ----a-w- C:\WINDOWS\SysWow64\wmpeffects.dll
2018-04-11 05:20:00 153976 ----a-w- C:\WINDOWS\SysWow64\wmpps.dll
2018-04-11 05:12:00 458240 ----a-w- C:\WINDOWS\SysWow64\quickassist.exe
2018-04-11 05:08:00 9137664 ----a-w- C:\WINDOWS\SysWow64\wmploc.DLL
2018-04-11 05:08:00 730624 ----a-w- C:\WINDOWS\SysWow64\sqlceqp40.dll
2018-04-11 05:08:00 427520 ----a-w- C:\WINDOWS\SysWow64\sqlcese40.dll
2018-04-11 05:08:00 2560 ----a-w- C:\WINDOWS\SysWow64\wmerror.dll
2018-04-11 05:08:00 215040 ----a-w- C:\WINDOWS\SysWow64\unregmp2.exe
2018-04-11 05:08:00 172544 ----a-w- C:\WINDOWS\SysWow64\wmpdxm.dll
2018-04-11 05:08:00 101888 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2018-04-11 05:07:00 9216 ----a-w- C:\WINDOWS\SysWow64\spwmp.dll
2018-04-11 05:07:00 5632 ----a-w- C:\WINDOWS\SysWow64\msdxm.ocx
2018-04-11 05:07:00 5632 ----a-w- C:\WINDOWS\SysWow64\dxmasf.dll
2018-04-11 05:07:00 173568 ----a-w- C:\WINDOWS\SysWow64\sqlceoledb40.dll
2018-04-11 05:07:00 117760 ----a-w- C:\WINDOWS\SysWow64\sqlcecompact40.dll
2018-04-11 04:31:00 44032 ----a-w- C:\WINDOWS\SysWow64\msdxm.tlb
2018-04-11 04:31:00 18944 ----a-w- C:\WINDOWS\SysWow64\amcompat.tlb
2018-04-10 21:11:00 48640 ----a-w- C:\WINDOWS\SysWow64\SyncProxy.dll
2018-04-10 21:11:00 48640 ----a-w- C:\WINDOWS\SysWow64\APHostClient.dll
2018-04-10 21:11:00 2629120 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0009.dll
2018-04-10 21:10:00 5739008 ----a-w- C:\WINDOWS\System32\prm0009.dll
2018-04-10 21:10:00 2560 ----a-w- C:\WINDOWS\SysWow64\SyncRes.dll
2018-04-10 21:10:00 148480 ----a-w- C:\WINDOWS\SysWow64\MCCSEngineShared.dll
2018-04-10 21:10:00 117760 ----a-w- C:\WINDOWS\SysWow64\networkhelper.dll
2018-04-10 21:09:00 520704 ----a-w- C:\WINDOWS\SysWow64\SyncController.dll
2018-04-10 21:09:00 2629120 ----a-w- C:\WINDOWS\System32\NlsLexicons0009.dll
2018-04-10 21:09:00 214016 ----a-w- C:\WINDOWS\SysWow64\accountaccessor.dll
2018-04-10 21:09:00 20480 ----a-w- C:\WINDOWS\System32\MCCSPal.dll
.
============= FINISH: 20:05:47.45 ===============
Attached Files
File Type: txt attach.txt (7.2 KB, 12 views)
terminator02 is offline  
Old 06-02-2018, 11:38 AM   #2
Registered Member
 
Join Date: Jan 2006
Posts: 67
OS: Win7



Respectfully bumping; it's been about 5 days.
Just realized my profile says OS win7 but I am on 10.
terminator02 is offline  
Old 06-02-2018, 12:50 PM   #3
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello and Welcome to TSF.

If you haven't already, please Subscribe to this Thread to get immediate notification of replies as soon as they are posted. To do this click Thread Tools, then click Subscribe to this Thread. Make sure it is set to Instant notification by email, then click Add Subscription.

Please note that the forum is very busy and if I don't hear from you within three days this thread will be closed.

------------------------------------------------------

I'm not seeing anything suspicious in your logs, and our tools won't reflect hacking issues.

You will probably need to seek help in one of our other forums when we are done here.

------------------------------------------------------

Please download AdwCleaner from here and save it to your desktop.
  • Run AdwCleaner and select Scan Now
  • Once the Scan is done, select Clean & Repair
  • When prompted, select Clean & Restart Now
  • On reboot, a log will be produced. It can also be found at C:\AdwCleaner\Logs\AdwCleaner[C0#].txt
  • Please copy/paste the contents of the log in your next reply.
------------------------------------------------------

Please download Farbar Recovery Scan Tool and save it to your desktop.
  • Double-click FRST64 to run it. When the tool opens click Yes to the disclaimer.
  • Make sure the Addition.txt button is ticked.
  • Press Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • It also makes another log (Addition.txt). Please attach it to your reply.
------------------------------------------------------
__________________
Our services are free, but you may contribute to the author of ComboFix via PayPal

Proud member of UNITE

Microsoft MVP - Consumer Security 2014, 2015
chemist is offline  
Old 06-02-2018, 08:36 PM   #4
Registered Member
 
Join Date: Jan 2006
Posts: 67
OS: Win7



I hope I did this right. Thanks for the response.

# -------------------------------
# Malwarebytes AdwCleaner 7.1.1.0
# -------------------------------
# Build: 04-27-2018
# Database: 2018-06-01.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-02-2018
# Duration: 00:00:00
# OS: Windows 10 Home
# Cleaned: 1
# Failed: 1


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

Deleted Ask
Not Deleted AOL

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
Attached Files
File Type: txt FRST.txt (72.8 KB, 17 views)
File Type: txt Addition.txt (47.9 KB, 21 views)
terminator02 is offline  
Old 06-03-2018, 11:32 AM   #5
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Hello terminator02. You're very welcome. Again, I see no sign of infection in your logs.

------------------------------------------------------

CCleaner

We do not recommend the use of registry cleaners, or the registry cleaner feature of CCleaner. Our colleague miekiemoes has an excellent writeup here.

------------------------------------------------------
  • Open Notepad (Start > All Programs > Accessories > Notepad).
  • Please copy all the text in the codebox below. (To do this highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad and select Paste).
  • Save it as fixlist.txt next to FRST64.exe

    NOTE: Both FRST64.exe and the fixlist.txt must be in the same location or the fix will not work.


    Code:
    start
    createrestorepoint:
    ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
    ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} =>  -> No File
    HKLM-x32\...\Run: [] => [X]
    SearchScopes: HKU\S-1-5-21-2402327696-3002306-3807877413-1001 -> DefaultScope {7E2893E6-4BE6-4D22-9E0B-C051DD604A52} URL = 
    SearchScopes: HKU\S-1-5-21-2402327696-3002306-3807877413-1001 -> {7E2893E6-4BE6-4D22-9E0B-C051DD604A52} URL = 
    EmptyTemp:
    end
  • Double-click FRST64 to run the tool. If the tool warns you the version is outdated, please download and run the updated version.
  • Click the Fix button just once, and wait.
  • If you receive a message that a reboot is required, please make sure you allow it to restart normally.
  • The tool will complete its run after the restart.
  • When finished, the tool will make a log (Fixlog.txt) in the same location from where it was run. Please post the Fixlog.txt log in your reply.

NOTE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

------------------------------------------------------

Please run this online scan to help look for remnants.

Go here and click 'SCAN NOW' under 'ESET Online Scanner' to check for remnants.
  • You will be prompted to download and install esetonlinescanner_enu.exe. Click on the link and save the file to a convenient location.
  • Double-click on esetonlinescanner_enu.exe to install and a new window will open. Follow the prompts.
  • Turn off the real-time scanner of any existing antivirus program before performing the online scan. Here's how
  • At the bottom of the Terms of use window, tick the option Download latest version of ESET Online Scanner then click Accept
  • When/if prompted by UAC, 'Do you want to allow this app to make changes to your PC?', please choose Yes
  • Tick the option Enable detection of potentially unwanted applications
  • Click on Advanced settings
  • Make sure that the option Clean threats automatically is unticked.
  • Ensure these options are ticked:
    • Enable detection of potentially unsafe applications
    • Enable detection of suspicious applications
    • Scan archives
    • Enable Anti-Stealth technology
  • Click Scan
  • Wait for the scan to finish.
  • When the scan is done, if it shows a screen that says Threats found, click Save to text file... then name it and save it to your desktop.
  • Do NOT be alarmed by what you see in the report. Many of the finds have likely been quarantined.
  • Please copy/paste the contents of the log in your next reply.
  • To close ESET Online Scanner, select Do not clean then Finish
------------------------------------------------------
chemist is offline  
Old 06-10-2018, 08:44 AM   #6
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



Still with us, terminator02? I generally unsubscribe from threads after 3 days of inactivity. If you do not reply within 24 hours, this thread will be closed.

------------------------------------------------------
chemist is offline  
Old 06-10-2018, 02:36 PM   #7
Registered Member
 
Join Date: Jan 2006
Posts: 67
OS: Win7



Quote:
Originally Posted by chemist View Post
Still with us, terminator02? I generally unsubscribe from threads after 3 days of inactivity. If you do not reply within 24 hours, this thread will be closed.

------------------------------------------------------
I apologize to both you and the forum members as I know resources are valuable and limited and I should have come here to close the thread myself. I have figured out the culprit and did the other checks and fixes. There doesn't appear to be anything. Thank you for all the help and I am sorry that I didn't update the forum when I found the culprit.

Regards,

Term
terminator02 is offline  
Old 06-11-2018, 03:26 PM   #8
Security Team
Moderator, Analyst
Rangemaster, TSF Academy
 
chemist's Avatar

Microsoft Most Valuable Professional
 
Join Date: Oct 2007
Location: Georgia
Posts: 29,790
OS: XP/Win7/Win10



You're welcome.
chemist is offline  
 

All times are GMT -7.