Go Back   Tech Support Forum > Security Center > Virus/Trojan/Spyware Help

User Tag List

Google Search Results Go to Yahoo.com

This is a discussion on Google Search Results Go to Yahoo.com within the Virus/Trojan/Spyware Help forums, part of the Tech Support Forum category. When I type a search item in Google, the results immediately redirect to Yahoo results. What can I do to


Closed Thread
 
Thread Tools Search this Thread
Old 02-19-2018, 08:22 AM   #1
Registered Member
 
Join Date: Feb 2018
Location: Pittsburgh PA
Posts: 7
OS: Windows 10



When I type a search item in Google, the results immediately redirect to Yahoo results. What can I do to fix this?

EDIT: I'm using Google Chrome. This problem doesn't present itself on Firefox.
TG7187 is offline  
Sponsored Links
Advertisement
 
Old 02-19-2018, 08:49 AM   #2
Moderator, Editor, Articles Team
 
Deejay100six's Avatar
 
Join Date: Nov 2007
Location: Doncaster, Great Britain
Posts: 11,805
OS: Windows 7 Professional SP1

My System


Hi,

Please follow the instructions here > NEW INSTRUCTIONS - Read This Before Posting For Malware Removal Help - Tech Support Forum

Follow the instructions carefully and if you have any problems with them, let the analyst know in your thread.

Post your logs as per the instructions in the Virus/Trojan/Spyware Help forum........not here.

Be advised that this part of the forum is usually very busy so some patience will be required but someone will be along to assist you when they can.

If you have no response within 72 hours, you may reply to your own thread with 'Bump please', this will result in your thread moving to the top of the forum making it more visible.

Good luck.
__________________
Regards, Dave.


Submit New Articles Here

Help us to help you by posting your System Specs
Deejay100six is offline  
Old 02-19-2018, 09:33 AM   #3
Registered Member
 
Join Date: Feb 2018
Location: Pittsburgh PA
Posts: 7
OS: Windows 10



Can this thread be moved to the appropriate forum?

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.16299.15
Run by Thomas at 12:21:15 on 2018-02-19
Microsoft Windows 10 Home 10.0.16299.0.1252.1.1033.18.6143.3135 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\nvvsvc.exe
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Windows\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe
C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe
C:\Program Files (x86)\PDF Complete\pdfsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k iissvcs
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s QWAVE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Program Files (x86)\NordVPN\nordvpn-service.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\WINDOWS\System32\dwm.exe
C:\WINDOWS\System32\fontdrvhost.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\WINDOWS\system32\nvvsvc.exe
C:\Windows\system32\atieclxx.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\Program Files\ByteFence\rtop\bin\rtop_bg.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\WINDOWS\Explorer.EXE
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
C:\Program Files\Logitech\LogiOptions\LogiOptions.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOptionsMgr.exe
C:\WINDOWS\system32\RunDll32.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files (x86)\Hp\HP Software Update\hpwuschd2.exe
C:\ProgramData\Logishrd\LogiOptions\Software\Current\LogiOverlay.exe
C:\Program Files (x86)\NordVPN\NordVPN.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\taskhostw.exe
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\AUDIODG.EXE
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files\Microsoft Office\Office15\OUTLOOK.EXE
C:\WINDOWS\system32\ApplicationFrameHost.exe
svchost.exe
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ytd_18_03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutB0CtByB0DyBtByEyCyCtC0DyCzytAtAtN0D0Tzu0StBtBtDzztN1L2XzuyEtFtBtCtFtDtFyDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtDzzzzyEtA0F0FtGyByD0A0BtGtDyE0ByCtGtBzyyE0DtG0DyBtDtDtB0DyCyDyByDtDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC1OzzyDzyyC1O1OtGtB1PzzyCtGyE1StCtCtGzy1Q1P1StGyDtDyE1OtCtCzzyC1SyE1TtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCyCtCzyyDtDyCtB%26cr%3D342816412%26a%3Dwbf_ytd_18_03%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ytd_18_03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutB0CtByB0DyBtByEyCyCtC0DyCzytAtAtN0D0Tzu0StBtBtDzztN1L2XzuyEtFtBtCtFtDtFyDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtDzzzzyEtA0F0FtGyByD0A0BtGtDyE0ByCtGtBzyyE0DtG0DyBtDtDtB0DyCyDyByDtDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC1OzzyDzyyC1O1OtGtB1PzzyCtGyE1StCtCtGzy1Q1P1StGyDtDyE1OtCtCzzyC1SyE1TtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCyCtCzyyDtDyCtB%26cr%3D342816412%26a%3Dwbf_ytd_18_03%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
mRun: [HP Software Update] C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe
StartupFolder: C:\Users\Thomas\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\MONITO~1.LNK - C:\WINDOWS\System32\RunDll32.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~2\Office15\EXCEL.EXE/3000
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print 2.0\smartprintsetup.exe
TCP: Interfaces\{4c401a1c-dd13-4013-b198-b2bf2a71a79f} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{93878bd2-ba02-4dde-b4ce-af9a93ddc01f} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{a7be4c10-9789-419e-979d-36b08bf9fa00} : NameServer = 10.4.0.1
TCP: Interfaces\{a7be4c10-9789-419e-979d-36b08bf9fa00} : DHCPNameServer = 10.4.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-mStart Page = hxxps://us.search.yahoo.com/yhs/web?hspart=iry&hsimp=yhs-fullyhosted_003&type=wbf_ytd_18_03&param1=1&param2=f%3D1%26b%3DIE%26cc%3Dus%26pa%3Dwincy%26cd%3D2XzuyEtN2Y1L1QzutB0CtByB0DyBtByEyCyCtC0DyCzytAtAtN0D0Tzu0StBtBtDzztN1L2XzuyEtFtBtCtFtDtFyDyBtN1L1CzutN1L1G1B1V1N2Y1L1Qzu2SyDtDzzzzyEtA0F0FtGyByD0A0BtGtDyE0ByCtGtBzyyE0DtG0DyBtDtDtB0DyCyDyByDtDtB2QtN1M1F1B2Z1V1N2Y1L1Qzu2StC1OzzyDzyyC1O1OtGtB1PzzyCtGyE1StCtCtGzy1Q1P1StGyDtDyE1OtCtCzzyC1SyE1TtD2QtN0A0LzuyEtN1B2Z1V1T1S1NzutN1Q2Z1B1P1RzutCyDtCyCtCzyyDtDyCtB%26cr%3D342816412%26a%3Dwbf_ytd_18_03%26os_ver%3D10.0%26os%3DWindows%2B10%2BHome
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [NvBackend] "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
x64-Run: [CsrHCRPServer] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrHCRPServer.exe
x64-Run: [CsrAudioguiCtrl] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrAudioguiCtrl.exe
x64-Run: [CsrSyncMLServer] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrSyncMLServer.exe
x64-Run: [vksts] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\vksts.exe
x64-Run: [HarmonyUserStartup] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\HarmonyUserStartup.exe
x64-Run: [CSRHarmonySkypePlugin] C:\Program Files (x86)\CSR\CSR Harmony Wireless Software Stack\CSRHarmonySkypePlugin.exe
x64-Run: [TrayApplication] C:\Program Files\CSR\CSR Harmony Wireless Software Stack\TrayApplication.exe
x64-Run: [LogiOptions] C:\Program Files\Logitech\LogiOptions\LogiOptions.exe /noui
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\64.0.3282.167\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly
Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com
Hosts: 0.0.0.0 media.opencandy.com
Hosts: 0.0.0.0 cdn.opencandy.com
Hosts: 0.0.0.0 tracking.opencandy.com
.
Note: multiple HOSTS entries found. Please refer to Attach.txt
.
================= FIREFOX ===================
.
FF - ProfilePath - C:\Users\Thomas\AppData\Roaming\Mozilla\Firefox\Profiles\otxtv8yf.default-1510423953299\
FF - prefs.js: browser.search.selectedEngine - Yahoo! Powered
FF - prefs.js: browser.startup.homepage - about:home
FF - prefs.js: keyword.URL - true
FF - plugin: C:\Program Files\MICROS~2\Office15\NPSPWRAP.DLL
FF - plugin: C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll
FF - plugin: C:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrlui.dll
FF - plugin: C:\WINDOWS\System32\Macromed\Flash\NPSWF64_28_0_0_161.dll
.
============= SERVICES / DRIVERS ===============
.
R0 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2011-6-7 75904]
R0 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2011-6-7 38016]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-9-29 240640]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-1-3 59800]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-9-29 8192]
R1 MpKsl1129851b;MpKsl1129851b;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB226C73-9B7C-4A02-886A-0EA2C33FA3DC}\MpKsl1129851b.sys [2018-2-19 58120]
R1 MpKsl7aa3c8e9;MpKsl7aa3c8e9;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F22EEF1B-DC15-473E-B374-9652B1928BB7}\MpKsl7aa3c8e9.sys [2018-2-15 58120]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2011-6-7 203264]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-1-5 83768]
R2 BtSwitcherService;CSR Bluetooth Switcher Service;C:\Program Files\CSR\CSR Harmony Wireless Software Stack\BtSwitcherService.exe [2012-3-22 64216]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R2 CDPUserSvc_ce85d2d;Connected Devices Platform User Service_ce85d2d;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-2-15 385536]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]
R2 CSRBtAudioService;CSR Bluetooth Audio Service;C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtAudioService.exe [2012-3-22 465624]
R2 CsrBtOBEXService;CSR OBEX Service;C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtOBEXService.exe [2012-3-22 1041616]
R2 CsrBtService;CSR Bluetooth Service;C:\Program Files\CSR\CSR Harmony Wireless Software Stack\CsrBtService.exe [2012-3-22 825032]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R2 nordvpn-service;nordvpn-service;C:\Program Files (x86)\NordVPN\nordvpn-service.exe [2018-1-4 420640]
R2 OneSyncSvc_ce85d2d;Sync Host_ce85d2d;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 pdfcDispatcher;PDF Document Manager;C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2017-11-29 1793088]
R2 rtop;rtop;C:\Program Files\ByteFence\rtop\bin\rtop_svc.exe [2018-1-17 302920]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-2-15 519144]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-9-29 79872]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-1-3 147864]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 WpnUserService_ce85d2d;Windows Push Notifications User Service_ce85d2d;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
R3 CsrBtPort;Csr Bluetooth Device Driver;C:\WINDOWS\System32\drivers\CsrBtPort.sys [2012-3-22 2784968]
R3 csrhidmini;Bluetooth HID Host Profile;C:\WINDOWS\System32\drivers\csrhidmini.sys [2012-3-22 29896]
R3 csrpan;Bluetooth Personal Area Network Device Driver;C:\WINDOWS\System32\drivers\csrpan.sys [2012-3-22 39616]
R3 csrserial;SPP Device Driver;C:\WINDOWS\System32\drivers\csrserial.sys [2012-3-22 61128]
R3 csrusb;CSR USB driver for Bluetooth dongle;C:\WINDOWS\System32\drivers\csrusb.sys [2012-3-22 47296]
R3 csrusbfilter;CSR USB filter driver;C:\WINDOWS\System32\drivers\csrusbfilter.sys [2012-3-22 23752]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]
R3 PimIndexMaintenanceSvc_ce85d2d;Contact Data_ce85d2d;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2017-9-29 604160]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 tapnordvpn;TAP-NordVPN Windows Adapter V9;C:\WINDOWS\System32\drivers\tapnordvpn.sys [2017-3-27 84432]
R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 UnistoreSvc_ce85d2d;User Data Storage_ce85d2d;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 UserDataSvc_ce85d2d;User Data Access_ce85d2d;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-1-19 129616]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.12.17007.18011-0\NisSrv.exe [2018-1-19 356168]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-9-29 259584]
S2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]
S3 DevicesFlowUserSvc_ce85d2d;DevicesFlow_ce85d2d;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2017-9-29 48688]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-9-29 48688]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-9-29 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-9-29 50584]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2017-9-29 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-9-29 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-9-29 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-9-29 674200]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-9-29 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-9-29 39424]
S3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 invdimm;Microsoft iNVDIMM device driver;C:\WINDOWS\System32\drivers\invdimm.sys [2017-9-29 38912]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2017-9-29 26112]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-9-29 123800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-9-29 103320]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-9-29 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-9-29 55840]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-9-29 63520]
S3 MessagingService_ce85d2d;MessagingService_ce85d2d;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-9-29 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-9-29 108952]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\WINDOWS\System32\drivers\netaapl64.sys [2016-12-21 23040]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-9-29 132608]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-1-3 192512]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-9-29 88576]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2017-9-12 188632]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-9-29 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-9-29 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2017-9-29 16896]
S3 PrintWorkflowUserSvc_ce85d2d;PrintWorkflow_ce85d2d;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2017-9-29 48688]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2017-9-29 39832]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-9-29 1849752]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-9-29 936856]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-9-29 48688]
S3 Revoflt;Revoflt;C:\WINDOWS\System32\drivers\revoflt.sys [2017-5-9 31800]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2017-9-29 103936]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-9-29 118168]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-9-29 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-9-29 1288704]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-9-29 154520]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-9-29 48688]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-1-3 956416]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-1-3 103320]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-12-9 45464]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-9-29 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-12-9 114688]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-9-29 146944]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-12-9 57344]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-9-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-9-29 266648]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-9-29 97312]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-9-29 140696]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-9-29 28568]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-12-9 60824]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-9-29 27544]
S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2016-12-21 54784]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-9-29 34816]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-9-29 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vnvdimm;Microsoft virtual NVDIMM device driver;C:\WINDOWS\System32\drivers\vnvdimm.sys [2017-9-29 43008]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2017-9-29 48688]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-9-29 76288]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-12-9 770048]
S3 wdnsfltr;Windows Defender Network Stream Filter Driver;C:\WINDOWS\System32\drivers\wdnsfltr.sys [2017-9-29 33792]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-9-29 48688]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-9-29 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-2-15 225792]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-9-29 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2017-9-29 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-9-29 281600]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-9-29 46592]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S4 wlcrasvc;Windows Live Mesh remote connections service;C:\Program Files\Windows Live\Mesh\wlcrasvc.exe [2010-9-22 57184]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-02-19 16:56:04 -------- d-----w- C:\ProgramData\Emsisoft
2018-02-19 16:45:55 -------- d-----w- C:\EEK
2018-02-19 16:20:30 -------- d-----w- C:\Users\Thomas\AppData\Local\Trend Micro
2018-02-19 16:20:12 -------- d-----w- C:\ProgramData\Trend Micro
2018-02-19 16:20:09 -------- d-----w- C:\WINDOWS\Trend Micro
2018-02-19 16:16:10 307352 ----a-w- C:\WINDOWS\System32\drivers\tmcomm.sys
2018-02-19 12:39:59 58120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB226C73-9B7C-4A02-886A-0EA2C33FA3DC}\MpKsl1129851b.sys
2018-02-19 12:38:38 14047160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EB226C73-9B7C-4A02-886A-0EA2C33FA3DC}\mpengine.dll
2018-02-18 00:19:01 14047160 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-02-16 12:56:51 -------- d-----w- C:\Users\Thomas\AppData\Local\Clipboarder
2018-02-16 00:07:03 -------- d-----w- C:\WINDOWS\System32\drivers\wd
2018-02-15 14:45:59 592792 ----a-w- C:\WINDOWS\SysWow64\wimgapi.dll
2018-02-15 14:34:20 58120 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{F22EEF1B-DC15-473E-B374-9652B1928BB7}\MpKsl7aa3c8e9.sys
2018-02-13 00:15:31 -------- d-----w- C:\ProgramData\SystemAcCrux
2018-02-12 17:58:32 -------- d--h--w- C:\Users\Thomas\MicrosoftEdgeBackups
2018-01-24 02:36:31 -------- d-----w- C:\Program Files\iPod
2018-01-24 02:35:20 -------- d-----w- C:\Program Files\iTunes
.
==================== Find3M ====================
.
2018-02-14 13:28:22 130067560 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-02-10 06:24:01 270744 ----a-w- C:\WINDOWS\System32\acmigration.dll
2018-02-10 06:23:51 138136 ----a-w- C:\WINDOWS\System32\CompatTelRunner.exe
2018-02-10 06:23:48 1577880 ----a-w- C:\WINDOWS\System32\appraiser.dll
2018-02-10 06:23:32 758168 ----a-w- C:\WINDOWS\System32\generaltel.dll
2018-02-10 06:23:05 613272 ----a-w- C:\WINDOWS\System32\devinv.dll
2018-02-10 06:22:44 387480 ----a-w- C:\WINDOWS\System32\invagent.dll
2018-02-10 06:22:42 2003352 ----a-w- C:\WINDOWS\System32\aitstatic.exe
2018-02-10 06:22:35 70040 ----a-w- C:\WINDOWS\System32\win32appinventorycsp.dll
2018-02-10 06:22:35 35224 ----a-w- C:\WINDOWS\System32\DeviceCensus.exe
2018-02-10 06:22:17 460696 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-02-10 06:22:12 662936 ----a-w- C:\WINDOWS\System32\aeinv.dll
2018-02-10 06:22:07 272800 ----a-w- C:\WINDOWS\System32\aepic.dll
2018-02-10 06:21:39 1092016 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-02-10 06:21:17 279456 ----a-w- C:\WINDOWS\System32\drivers\msiscsi.sys
2018-02-10 06:21:02 479912 ----a-w- C:\WINDOWS\System32\ucrtbase_enclave.dll
2018-02-10 06:20:59 924648 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-02-10 06:20:39 77208 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-02-10 06:20:12 1206680 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-02-10 06:20:11 1055640 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-02-10 06:20:06 599448 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-02-10 06:19:25 1133888 ----a-w- C:\WINDOWS\System32\MSVP9DEC.dll
2018-02-10 06:18:59 319864 ----a-w- C:\WINDOWS\System32\wow64.dll
2018-02-10 06:18:50 98272 ----a-w- C:\WINDOWS\System32\FsIso.exe
2018-02-10 06:18:50 22400 ----a-w- C:\WINDOWS\System32\wow64cpu.dll
2018-02-10 06:18:42 1193192 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryPS.dll
2018-02-10 06:17:32 1209240 ----a-w- C:\WINDOWS\System32\winload.exe
2018-02-10 06:16:30 2406456 ----a-w- C:\WINDOWS\System32\msmpeg2vdec.dll
2018-02-10 06:16:09 8603032 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2018-02-10 06:15:58 1415296 ----a-w- C:\WINDOWS\System32\winload.efi
2018-02-10 06:15:53 2514944 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2018-02-10 06:15:34 1954048 ----a-w- C:\WINDOWS\System32\ntdll.dll
2018-02-10 06:14:51 1002592 ----a-w- C:\WINDOWS\System32\ucrtbase.dll
2018-02-10 06:14:48 2395032 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys
2018-02-10 06:14:34 4504464 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-02-10 06:13:23 1416392 ----a-w- C:\WINDOWS\System32\D3D12.dll
2018-02-10 06:13:19 373656 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys
2018-02-10 06:13:12 535960 ----a-w- C:\WINDOWS\System32\drivers\netio.sys
2018-02-10 06:13:08 408984 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2018-02-10 06:12:48 712600 ----a-w- C:\WINDOWS\System32\drivers\vhdmp.sys
2018-02-10 06:12:26 1277848 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys
2018-02-10 06:12:18 4537040 ----a-w- C:\WINDOWS\System32\setupapi.dll
2018-02-10 06:12:03 1313016 ----a-w- C:\WINDOWS\System32\Taskmgr.exe
2018-02-10 06:11:49 494496 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-02-10 06:11:38 711432 ----a-w- C:\WINDOWS\System32\ci.dll
2018-02-10 06:11:23 677784 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-02-10 06:11:12 1029528 ----a-w- C:\WINDOWS\System32\efscore.dll
2018-02-10 06:10:43 154520 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryClient.dll
2018-02-10 06:10:38 246168 ----a-w- C:\WINDOWS\System32\browserbroker.dll
2018-02-10 06:10:22 614160 ----a-w- C:\WINDOWS\System32\StateRepository.Core.dll
2018-02-10 06:10:03 2447768 ----a-w- C:\WINDOWS\System32\UpdateAgent.dll
2018-02-10 06:10:02 749976 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2018-02-10 06:09:55 491264 ----a-w- C:\WINDOWS\System32\policymanager.dll
2018-02-10 06:09:53 3904296 ----a-w- C:\WINDOWS\explorer.exe
2018-02-10 06:09:51 525208 ----a-w- C:\WINDOWS\System32\wimserv.exe
2018-02-10 06:09:08 755712 ----a-w- C:\WINDOWS\System32\evr.dll
2018-02-10 06:09:08 75160 ----a-w- C:\WINDOWS\System32\SecurityHealthProxyStub.dll
2018-02-10 06:08:50 398824 ----a-w- C:\WINDOWS\System32\SystemSettingsAdminFlows.exe
2018-02-10 06:08:40 3010248 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-02-10 06:08:39 687552 ----a-w- C:\WINDOWS\System32\StructuredQuery.dll
2018-02-10 06:08:36 96200 ----a-w- C:\WINDOWS\System32\winbrand.dll
2018-02-10 06:08:35 2574232 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2018-02-10 06:08:03 7675784 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2018-02-10 06:07:55 436632 ----a-w- C:\WINDOWS\System32\CloudExperienceHostCommon.dll
2018-02-10 06:07:53 4506576 ----a-w- C:\WINDOWS\System32\mfcore.dll
2018-02-10 06:07:02 705944 ----a-w- C:\WINDOWS\System32\wimgapi.dll
2018-02-10 0657 824896 ----a-w- C:\WINDOWS\System32\ClipSVC.dll
2018-02-10 0648 87384 ----a-w- C:\WINDOWS\System32\remoteaudioendpoint.dll
2018-02-10 0648 4486904 ----a-w- C:\WINDOWS\System32\Windows.StateRepository.dll
2018-02-10 0647 356952 ----a-w- C:\WINDOWS\System32\wintrust.dll
2018-02-10 0633 494488 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2018-02-10 0629 594048 ----a-w- C:\WINDOWS\System32\mf.dll
2018-02-10 0626 189336 ----a-w- C:\WINDOWS\System32\SecurityHealthAgent.dll
2018-02-10 0623 100248 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryBroker.dll
2018-02-10 0617 519144 ----a-w- C:\WINDOWS\System32\SecurityHealthService.exe
2018-02-10 0611 362904 ----a-w- C:\WINDOWS\System32\drivers\pci.sys
2018-02-10 0604 727448 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys
2018-02-10 06:05:58 97176 ----a-w- C:\WINDOWS\System32\drivers\sdstor.sys
2018-02-10 06:05:46 688064 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll
2018-02-10 06:05:40 70856 ----a-w- C:\WINDOWS\System32\wldp.dll
2018-02-10 06:05:28 413888 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll
2018-02-10 06:03:49 1619808 ----a-w- C:\WINDOWS\System32\sppobjs.dll
2018-02-10 06:03:43 404888 ----a-w- C:\WINDOWS\System32\CloudExperienceHost.dll
2018-02-10 06:03:39 722616 ----a-w- C:\WINDOWS\System32\sppwinob.dll
2018-02-10 06:03:35 706600 ----a-w- C:\WINDOWS\System32\EditionUpgradeManagerObj.dll
2018-02-10 06:03:34 849304 ----a-w- C:\WINDOWS\System32\LicensingWinRT.dll
2018-02-10 06:03:32 98712 ----a-w- C:\WINDOWS\System32\DeviceReactivation.dll
2018-02-10 06:02:30 2773400 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-02-10 06:02:29 1103768 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-02-10 06:02:17 628632 ----a-w- C:\WINDOWS\System32\msvcp_win.dll
2018-02-10 06:02:15 617304 ----a-w- C:\WINDOWS\System32\TextInputFramework.dll
2018-02-10 05:22:00 1930224 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2018-02-10 05:21:40 1615712 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll
2018-02-10 05:18:41 1384288 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
2018-02-10 05:17:48 211864 ----a-w- C:\WINDOWS\SysWow64\aepic.dll
2018-02-10 05:17:39 542856 ----a-w- C:\WINDOWS\SysWow64\Windows.StateRepositoryPS.dll
2018-02-10 05:17:30 2255112 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2018-02-10 05:15:50 1145624 ----a-w- C:\WINDOWS\SysWow64\ucrtbase.dll
2018-02-10 05:12:03 4382032 ----a-w- C:\WINDOWS\SysWow64\setupapi.dll
2018-02-10 05:11:45 1250528 ----a-w- C:\WINDOWS\SysWow64\Taskmgr.exe
.
============= FINISH: 12:23:15.92 ===============
Attached Files
File Type: txt attach.txt (13.9 KB, 12 views)
TG7187 is offline  
Sponsored Links
Advertisement
 
Old 02-21-2018, 02:12 PM   #4
Registered Member
 
Join Date: Feb 2018
Location: Pittsburgh PA
Posts: 7
OS: Windows 10



This thread can be deleted/locked. I was able to resolve the issue on own. Thank you.
TG7187 is offline  
Old 02-21-2018, 02:30 PM   #5
Moderator, Editor, Articles Team
 
Deejay100six's Avatar
 
Join Date: Nov 2007
Location: Doncaster, Great Britain
Posts: 11,805
OS: Windows 7 Professional SP1

My System


Thanks for letting us know.

If you don't mind my asking, how?
__________________
Regards, Dave.


Submit New Articles Here

Help us to help you by posting your System Specs
Deejay100six is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] PUP.Optional.Elex.ShrtCln not going away
Bit of an oddball one here, it seems I've been infected by PUP.Optional.Elex.ShrtCln. If I run Malwarebytes, quarantine all threats, then run AdwCleaner and clean all threats, and then run Hitman Pro and again, remove all threats, and restart my computer, then run malwarebytes again, it detects...
HomicidalBunny Resolved HJT Threads 26 09-23-2016 08:05 PM
Specialist Crime Directorate?
I have got the Specialist Crime Directorate Ransomware virus and I need help on removing it. My computer won't boot in safe mode with networking or cmd, help!:frown:
josh1929 Resolved HJT Threads 36 09-03-2013 06:05 PM
Virus? Ads and crashing
I think I followed the instructions on this. Problem description: My computer will randomly start playing ads or things that sound like talkshows when nothing is open, and is running much slower than normal. It will also randomly shut itself off, which leads to error messages and it asking me if I...
jmcconnell0801 Resolved HJT Threads 41 09-24-2012 05:05 PM
~*~Mixed Bag of Problems~*~
Hi, everyone! I have had a lot of problems with my computer lately and I'm hoping someone would be able to help me out. The most pressing issue right now is that my e-mail is sending out Spam links when I'm not even on my computer. The first time it happened, I changed my password, but tonight the...
TabbyCat725 Virus/Trojan/Spyware Help 156 07-09-2012 07:50 PM
HJT log+strange google search results
Hello, Today my google search started to act up and only displays ad results. Could someone please help me resolve the problem? Here is my report: Logfile of Trend Micro HijackThis v2.0.2 Scan saved at 4:37:05 PM, on 11/8/2008 Platform: Windows XP SP3 (WinNT 5.01.2600) MSIE: Internet...
Kitzhof Resolved HJT Threads 21 11-16-2008 07:41 PM

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2
Powered by vBadvanced CMPS v3.2.3


All times are GMT -7. The time now is 01:03 PM.


Powered by vBulletin® Version 3.8.8
Copyright ©2000 - 2020, vBulletin Solutions, Inc.
vBulletin Security provided by vBSecurity v2.2.2 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
User Alert System provided by Advanced User Tagging v3.1.0 (Pro) - vBulletin Mods & Addons Copyright © 2020 DragonByte Technologies Ltd.
Copyright 2001 - 2018, Tech Support Forum

Windows 10 - Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts