ESET Scanner threats and email spam

Driver Support - Tech Support Forum - www.techsupportforum.com
Hi,

I am trying to fix my grandfather's computer, which he says has been running slow, and his Yahoo mail account has recently started getting flooded with spam emails, which he believes is from a virus/malware on his computer. I ran an ESET Online scan and it found a few threats also. The logs are attached below. Thank you for your help.

DDS (Ver_2012-11-20.01) - NTFS_AMD64

Internet Explorer: 11.0.16299.15

Run by kreonite at 057 on 2018-01-09

Microsoft Windows 10 Home 10.0.16299.0.1252.1.1033.18.7638.4765 [GMT -6:00]

.

AV: Avast Antivirus *Enabled/Updated* {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}

AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

AV: Malwarebytes *Disabled/Updated* {23007AD3-69FE-687C-2629-D584AFFAF72B}

SP: Malwarebytes *Disabled/Updated* {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

SP: Avast Antivirus *Enabled/Updated* {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}

.

============== Running Processes ===============

.

c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay

C:\WINDOWS\system32\fontdrvhost.exe

C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p

c:\windows\system32\svchost.exe -k rpcss -p

c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM

C:\WINDOWS\system32\fontdrvhost.exe

C:\WINDOWS\system32\dwm.exe

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService

c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc

c:\windows\system32\svchost.exe -k localservice -p -s nsi

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp

c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc

c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc

C:\WINDOWS\system32\atiesrxx.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain

c:\windows\system32\svchost.exe -k netsvcs -p -s Themes

c:\windows\system32\svchost.exe -k localservice -p -s EventSystem

c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager

c:\windows\system32\svchost.exe -k localservice -p -s netprofm

c:\windows\system32\svchost.exe -k netsvcs -p -s SENS

c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder

c:\windows\system32\svchost.exe -k localservice -p -s FontCache

c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache

c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup

c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc

c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub

c:\windows\system32\svchost.exe -k localservice -p -s fdPHost

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider

C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p

C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p

C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService

C:\WINDOWS\system32\dashost.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection

c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV

c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository

C:\WINDOWS\System32\spoolsv.exe

c:\windows\system32\svchost.exe -k localservicenonetwork -p

c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation

C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

C:\Program Files\Bonjour\mDNSResponder.exe

c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe

C:\Program Files (x86)\Coupons\CouponPrinterService.exe

c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe

C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

C:\WINDOWS\system32\SearchIndexer.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService

C:\WINDOWS\system32\svchost.exe -k imgsvc

c:\windows\system32\svchost.exe -k apphost -s AppHostSvc

c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc

c:\windows\system32\svchost.exe -k netsvcs

c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc

c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks

c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc

C:\WINDOWS\System32\svchost.exe -k utcsvc -p

c:\windows\system32\svchost.exe -k networkservice -p -s TapiSrv

c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost

c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer

C:\Program Files\Windows Media Player\wmpnetwk.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s Browser

c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent

c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost

c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc

c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman

C:\WINDOWS\system32\atieclxx.exe

c:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe

c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc

C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc

C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe

C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe

C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler64.exe

C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker

c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc

c:\windows\system32\sihost.exe

c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService

c:\windows\system32\taskhostw.exe

C:\Program Files (x86)\TeamViewer\TeamViewer.exe

C:\WINDOWS\Explorer.EXE

C:\Program Files (x86)\TeamViewer\tv_w32.exe

C:\Program Files (x86)\TeamViewer\tv_x64.exe

C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe

C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.13.257.0_x64__kzf8qxf38zg5c\SkypeHost.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe

C:\WINDOWS\system32\ctfmon.exe

C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe

C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe

C:\WINDOWS\system32\SettingSyncHost.exe

C:\Program Files (x86)\Common Files\Microsoft Shared\Ink\TabTip32.exe

C:\WINDOWS\system32\AUDIODG.EXE

C:\Windows\System32\RuntimeBroker.exe

c:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe

c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager

C:\Windows\System32\RuntimeBroker.exe

C:\Program Files\Windows Defender\MSASCuiL.exe

c:\windows\system32\svchost.exe -k unistacksvcgroup

C:\Program Files\AVAST Software\Avast\AvastUI.exe

c:\program files (x86)\teamviewer\TeamViewer_Desktop.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo

c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc

C:\Program Files\AVAST Software\Avast\AvastUI.exe

c:\windows\system32\svchost.exe -k netsvcs -p -s BITS

C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

c:\windows\system32\taskhostw.exe

C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost

C:\WINDOWS\system32\SearchProtocolHost.exe

C:\WINDOWS\system32\SearchFilterHost.exe

C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc

C:\WINDOWS\system32\backgroundTaskHost.exe

C:\Windows\System32\RuntimeBroker.exe

C:\Windows\System32\smartscreen.exe

C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc

C:\WINDOWS\system32\wbem\wmiprvse.exe

C:\WINDOWS\System32\cscript.exe

.

============== Pseudo HJT Report ===============

.

uStart Page = hxxps://www.google.com/?bcutc=sp-006

uSearch Bar = hxxps://www.google.com/?bcutc=sp-006

uSearch Page = hxxps://www.google.com/search?bcutc=sp-006&q={searchTerms}

uSearchAssistant = hxxp://www.google.com/ie

uSearchURL,(Default) = hxxp://www.google.com/search?q=%s

mWinlogon: Userinit = C:\WINDOWS\System32\userinit.exe

BHO: {02478D38-C3F9-4efb-9B51-7695ECA05670} - <orphaned>

BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll

BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll

uRun: [OneDrive] "C:\Users\kreonite\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background

uRun: [Google Update] C:\Users\kreonite\AppData\Local\Google\Update\1.3.33.7\GoogleUpdateCore.exe

uRun: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe

uRun: [AppleIEDAV] C:\Program Files (x86)\Common Files\Apple\Internet Services\AppleIEDAV.exe

uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe

uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe

uRun: [Chromium] "c:\users\kreonite\appdata\local\chromium\application\chrome.exe" --auto-launch-at-startup --profile-directory="Default" --restore-last-session

mRun: [GrooveMonitor] "C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe"

mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

uPolicies-Explorer: NoDriveTypeAutoRun = dword:145

mPolicies-System: DSCAutomationHostEnabled = dword:2

mPolicies-System: EnableFullTrustStartupTasks = dword:2

mPolicies-System: EnableUwpStartupTasks = dword:2

mPolicies-System: SupportFullTrustStartupTasks = dword:1

mPolicies-System: SupportUwpStartupTasks = dword:1

mPolicies-System: SoftwareSASGeneration = dword:1

mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

mPolicies-System: PromptOnSecureDesktop = dword:0

IE: Add to Google Photos Screensa&ver - C:\WINDOWS\System32\GPhotos.scr/200

IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office12\ONBttnIE.dll

IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}

TCP: NameServer = 68.105.28.11 68.105.29.11 68.105.28.12

TCP: Interfaces\{cb863208-7e20-4931-8544-388e8a52cbc6} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12

TCP: Interfaces\{de8a42e1-fe54-471b-b169-24ce3608ec94} : DHCPNameServer = 192.168.1.254

Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll

Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll

Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll

SSODL: WebCheck - <orphaned>

SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll

CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll

x64-mStart Page =

x64-mSearch Page = about:blank

x64-mDefault_Page_URL = about:blank

x64-mDefault_Search_URL = about:blank

x64-BHO: : {11BF46C6-B3DE-48BD-BF70-3AD85CAB80B5} -

x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll

x64-BHO: Adblock Plus for IE Browser Helper Object: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files\Adblock Plus for IE\AdblockPlus64.dll

x64-Run: [SecurityHealth C:\Program Files (x86)\Windows Defender\MSASCuiL.exe

x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s

x64-Run: [RtHDVBg] "C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe" /ANDREA_BF_BYPASS

x64-Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvLaunch.exe" /gui

x64-mPolicies-System: DSCAutomationHostEnabled = dword:2

x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2

x64-mPolicies-System: EnableUwpStartupTasks = dword:2

x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1

x64-mPolicies-System: SupportUwpStartupTasks = dword:1

x64-mPolicies-System: SoftwareSASGeneration = dword:1

x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0

x64-mPolicies-System: PromptOnSecureDesktop = dword:0

x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe

x64-Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - <orphaned>

x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll

x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll

x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>

x64-SSODL: WebCheck - <orphaned>

x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall

x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U

x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.132\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level

x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll

.

============= SERVICES / DRIVERS ===============

.

R0 aswbidsh;aswbidsh;C:\WINDOWS\System32\drivers\aswbidsha.sys [2017-2-7 199448]

R0 aswblog;aswblog;C:\WINDOWS\System32\drivers\aswbloga.sys [2017-2-7 343768]

R0 aswbuniv;aswbuniv;C:\WINDOWS\System32\drivers\aswbuniva.sys [2017-2-7 57696]

R0 aswRvrt;aswRvrt;C:\WINDOWS\System32\drivers\aswRvrt.sys [2015-9-4 84384]

R0 aswVmm;aswVmm;C:\WINDOWS\System32\drivers\aswVmm.sys [2015-9-4 358672]

R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]

R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]

R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]

R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]

R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]

R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]

R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-9-29 240640]

R1 aswArPot;aswArPot;C:\WINDOWS\System32\drivers\aswArPot.sys [2017-11-18 185096]

R1 aswbidsdriver;aswbidsdriver;C:\WINDOWS\System32\drivers\aswbidsdrivera.sys [2017-2-7 321512]

R1 aswHdsKe;aswHdsKe;C:\WINDOWS\System32\drivers\aswHdsKe.sys [2017-12-21 149344]

R1 aswKbd;aswKbd;C:\WINDOWS\System32\drivers\aswKbd.sys [2016-4-20 41832]

R1 aswSnx;aswSnx;C:\WINDOWS\System32\drivers\aswSnx.sys [2015-9-4 1025176]

R1 aswSP;aswSP;C:\WINDOWS\System32\drivers\aswSP.sys [2015-9-4 457400]

R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-1-8 59800]

R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2013-7-31 91712]

R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]

R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-9-29 8192]

R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-8-1 264224]

R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2015-10-7 77104]

R2 aswMonFlt;aswMonFlt;C:\WINDOWS\System32\drivers\aswMonFlt.sys [2015-9-4 146664]

R2 aswStm;aswStm;C:\WINDOWS\System32\drivers\aswStm.sys [2015-9-4 204456]

R2 avast! Antivirus;Avast Antivirus;C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2017-12-21 301168]

R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

R2 CDPUserSvc_14321e;Connected Devices Platform User Service_14321e;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-1-8 385024]

R2 CLHNServiceForPowerDVD12;CLHNServiceForPowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\CLHNServiceForPowerDVD12.exe [2013-7-31 89864]

R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]

R2 CouponPrinterService;Coupon Printer Service;C:\Program Files (x86)\Coupons\CouponPrinterService.exe [2014-2-13 179184]

R2 CyberLink PowerDVD 12 Media Server Monitor Service;CyberLink PowerDVD 12 Media Server Monitor Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSMonitorServicePDVD12.exe [2013-7-31 77576]

R2 CyberLink PowerDVD 12 Media Server Service;CyberLink PowerDVD 12 Media Server Service;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMS\CLMSServerPDVD12.exe [2013-7-31 294664]

R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]

R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]

R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

R2 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2013-12-16 227904]

R2 HP Support Assistant Service;HP Support Assistant Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe [2013-6-7 99128]

R2 IntuitUpdateServiceV4;Intuit Update Service v4;C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [2014-1-3 14624]

R2 ntk_PowerDVD12;ntk_PowerDVD12;C:\Program Files (x86)\CyberLink\PowerDVD12\Kernel\DMP\CLHNServer\ntk_PowerDVD12_64.sys [2013-7-31 84168]

R2 OneSyncSvc_14321e;Sync Host_14321e;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-1-8 519152]

R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-9-29 79872]

R2 TeamViewer;TeamViewer 11;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2015-11-29 7757552]

R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-1-8 147864]

R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R2 WpnUserService_14321e;Windows Push Notifications User Service_14321e;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R3 aswbIDSAgent;aswbIDSAgent;C:\Program Files\AVAST Software\Avast\x64\aswidsagenta.exe [2017-12-21 7538536]

R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]

R3 PimIndexMaintenanceSvc_14321e;Contact Data_14321e;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2015-6-5 310528]

R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2016-2-17 896768]

R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

R3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-1-8 103320]

R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

R3 UnistoreSvc_14321e;User Data Storage_14321e;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

R3 UserDataSvc_14321e;User Data Access_14321e;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

S2 AERTFilters;Andrea RT Filters Service;"C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE" --> C:\Program Files\Realtek\Audio\HDA\AERTSr64.EXE [?]

S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]

S2 RtkAudioService;Realtek Audio Service;"C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe" --> C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [?]

S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]

S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]

S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]

S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]

S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]

S3 aswHwid;aswHwid;C:\WINDOWS\System32\drivers\aswHwid.sys [2015-9-4 46976]

S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]

S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]

S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]

S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]

S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]

S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]

S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]

S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]

S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]

S3 DevicesFlowUserSvc_14321e;DevicesFlow_14321e;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]

S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]

S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2017-9-29 48688]

S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-9-29 48688]

S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2010-10-12 206072]

S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-9-29 20992]

S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]

S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-9-29 50584]

S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2017-9-29 27136]

S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-9-29 36864]

S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-9-29 91648]

S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]

S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]

S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]

S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]

S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]

S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]

S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-9-29 674200]

S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-9-29 526232]

S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-9-29 39424]

S3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 invdimm;Microsoft iNVDIMM device driver;C:\WINDOWS\System32\drivers\invdimm.sys [2017-9-29 38912]

S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2017-9-29 26112]

S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-9-29 123800]

S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-9-29 103320]

S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-9-29 505240]

S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-9-29 55840]

S3 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-1-8 6234056]

S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-9-29 63520]

S3 MessagingService_14321e;MessagingService_14321e;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]

S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-9-29 842648]

S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-9-29 108952]

S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-9-29 132608]

S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-1-8 192512]

S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-9-29 88576]

S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-9-29 58776]

S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-9-29 61848]

S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2017-9-29 16896]

S3 PrintWorkflowUserSvc_14321e;PrintWorkflow_14321e;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2017-9-29 48688]

S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2017-9-29 39832]

S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-9-29 1849752]

S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-9-29 936856]

S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-9-29 48688]

S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2017-9-29 103936]

S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]

S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-9-29 118168]

S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-9-29 33176]

S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-9-29 1288704]

S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-9-29 154520]

S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-9-29 48688]

S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]

S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-1-8 956416]

S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-12-11 45464]

S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-9-29 302592]

S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-12-11 114688]

S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-9-29 146944]

S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-12-11 57344]

S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-9-29 45056]

S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]

S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-9-29 266648]

S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-9-29 97312]

S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-9-29 140696]

S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-9-29 28568]

S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-12-11 60824]

S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-9-29 27544]

S3 USBAAPL64;Apple Mobile USB Driver;C:\WINDOWS\System32\drivers\usbaapl64.sys [2015-6-10 54784]

S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]

S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-9-29 34816]

S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-9-29 10240]

S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]

S3 vnvdimm;Microsoft virtual NVDIMM device driver;C:\WINDOWS\System32\drivers\vnvdimm.sys [2017-9-29 43008]

S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2017-9-29 48688]

S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]

S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]

S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-9-29 76288]

S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-12-11 770048]

S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-9-29 119192]

S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-9-29 355304]

S3 wdnsfltr;Windows Defender Network Stream Filter Driver;C:\WINDOWS\System32\drivers\wdnsfltr.sys [2017-9-29 33792]

S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-9-29 48688]

S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-9-29 32152]

S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-1-8 225792]

S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-9-29 64920]

S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]

S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-9-29 259584]

S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2017-9-29 59512]

S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-9-29 281600]

S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-9-29 46592]

S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]

S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]

.

=============== File Associations ===============

.

FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]

ShellExec: SZBrowser.exe: open="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"

.

=============== Created Last 30 ================

.

2018-01-09 02:23:10 -------- d-----w- C:\Users\kreonite\AppData\Local\ESET

2018-01-09 02:11:27 -------- d-----w- C:\ProgramData\SWCUTemp

2018-01-09 00:12:59 2859520 ----a-w- C:\WINDOWS\System32\dwmcore.dll

2018-01-09 00:11:59 97280 ----a-w- C:\WINDOWS\SysWow64\WcnApi.dll

2018-01-08 23:41:02 77432 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys

2018-01-08 23:40:52 -------- d-----w- C:\Program Files\Malwarebytes

2018-01-08 23:40:29 -------- d-----w- C:\ProgramData\MB2Migration

2017-12-21 17:42:16 149344 ----a-w- C:\WINDOWS\System32\drivers\aswHdsKe.sys

2017-12-16 23:44:34 -------- d-s---w- C:\WINDOWS\SysWow64\Microsoft

2017-12-13 16:35:59 676352 ----a-w- C:\WINDOWS\SysWow64\SndVolSSO.dll

2017-12-12 00:27:33 -------- d-sh--w- C:\Recovery

2017-12-12 00:24:14 -------- d-----w- C:\Windows.old

2017-12-12 00:13:19 -------- d-----w- C:\WINDOWS\System32\Microsoft

2017-12-12 00:13:19 -------- d-----w- C:\WINDOWS\ServiceProfiles

2017-12-12 00:02:42 -------- d-----w- C:\inetpub

2017-12-12 00:01:59 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll

2017-12-12 00:01:59 35456 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe

2017-12-12 00:01:59 35456 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe

2017-12-12 00:01:59 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll

2017-12-12 00:01:59 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll

2017-12-12 00:01:58 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll

2017-12-11 23:15:18 -------- d-----w- C:\ProgramData\Microsoft OneDrive

2017-12-11 23:13:52 -------- d--h--w- C:\Users\kreonite\MicrosoftEdgeBackups

2017-12-11 23:07:04 -------- d-sh--we C:\ProgramData\Documents

2017-12-11 22:51:00 -------- d-----w- C:\WINDOWS\System32\wbem\Performance

2017-12-11 22:46:59 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good

2017-12-11 22:46:59 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad

2017-12-11 22:39:35 -------- d-----w- C:\ProgramData\USOShared

2017-12-11 22:33:29 -------- d-----w- C:\Users\kreonite\AppData\Local\Packages

2017-12-11 22:30:41 2241024 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll

2017-12-11 22:29:35 -------- d-----w- C:\WINDOWS\System32\wbem\MOF

2017-12-11 22:28:16 -------- d-----w- C:\WINDOWS\System32\SleepStudy

2017-12-10 06:26:13 -------- d-----w- C:\Program Files\Common Files\Avast Software

.

==================== Find3M ====================

.

2018-01-09 02:09:34 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin

2018-01-09 00:17:24 403968 ----a-w- C:\WINDOWS\System32\WpAXHolder.dll

2018-01-09 00:16:42 106496 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll

2018-01-09 00:16:37 140800 ----a-w- C:\WINDOWS\System32\Chakradiag.dll

2018-01-01 17:15:38 956416 ----a-w- C:\WINDOWS\System32\Spectrum.exe

2018-01-01 12:54:36 924648 ----a-w- C:\WINDOWS\System32\winresume.exe

2018-01-01 12:53:26 1090984 ----a-w- C:\WINDOWS\System32\winresume.efi

2018-01-01 12:52:23 66712 ----a-w- C:\WINDOWS\System32\iumcrypt.dll

2018-01-01 12:51:59 59800 ----a-w- C:\WINDOWS\System32\drivers\bam.sys

2018-01-01 12:51:56 1055128 ----a-w- C:\WINDOWS\System32\hvax64.exe

2018-01-01 12:51:31 191816 ----a-w- C:\WINDOWS\System32\skci.dll

2018-01-01 12:51:23 1209240 ----a-w- C:\WINDOWS\System32\winload.exe

2018-01-01 12:51:18 1414784 ----a-w- C:\WINDOWS\System32\winload.efi

2018-01-01 12:50:58 479912 ----a-w- C:\WINDOWS\System32\ucrtbase_enclave.dll

2018-01-01 12:50:35 77208 ----a-w- C:\WINDOWS\System32\hvloader.dll

2018-01-01 12:50:17 780464 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe

2018-01-01 12:50:07 5905752 ----a-w- C:\WINDOWS\System32\StartTileData.dll

2018-01-01 12:49:34 8605080 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe

2018-01-01 12:49:34 292376 ----a-w- C:\WINDOWS\System32\wscapi.dll

2018-01-01 12:49:31 599448 ----a-w- C:\WINDOWS\System32\securekernel.exe

2018-01-01 12:49:10 319352 ----a-w- C:\WINDOWS\System32\wow64.dll

2018-01-01 12:48:26 1954048 ----a-w- C:\WINDOWS\System32\ntdll.dll

2018-01-01 12:48:18 7831760 ----a-w- C:\WINDOWS\System32\d3d10warp.dll

2018-01-01 12:48:18 382360 ----a-w- C:\WINDOWS\System32\atmfd.dll

2018-01-01 12:47:06 649304 ----a-w- C:\WINDOWS\System32\advapi32.dll

2018-01-01 12:47:01 82840 ----a-w- C:\WINDOWS\System32\drivers\volmgr.sys

2018-01-01 12:46:23 898216 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll

2018-01-01 12:46:21 733592 ----a-w- C:\WINDOWS\System32\drivers\acpi.sys

2018-01-01 12:45:54 2395032 ----a-w- C:\WINDOWS\System32\drivers\ntfs.sys

2018-01-01 12:45:48 1277848 ----a-w- C:\WINDOWS\System32\drivers\ndis.sys

2018-01-01 12:45:17 398744 ----a-w- C:\WINDOWS\System32\drivers\fltMgr.sys

2018-01-01 12:43:31 1173576 ----a-w- C:\WINDOWS\System32\rpcrt4.dll

2018-01-01 12:43:16 367336 ----a-w- C:\WINDOWS\System32\Windows.Storage.ApplicationData.dll

2018-01-01 12:43:03 62872 ----a-w- C:\WINDOWS\System32\drivers\fsdepends.sys

2018-01-01 12:42:46 571288 ----a-w- C:\WINDOWS\System32\drivers\spaceport.sys

2018-01-01 12:42:36 494488 ----a-w- C:\WINDOWS\System32\pcasvc.dll

2018-01-01 12:42:34 184984 ----a-w- C:\WINDOWS\System32\sspicli.dll

2018-01-01 12:42:20 109976 ----a-w- C:\WINDOWS\System32\drivers\vmbus.sys

2018-01-01 12:42:01 1029016 ----a-w- C:\WINDOWS\System32\efscore.dll

2018-01-01 12:41:32 549552 ----a-w- C:\WINDOWS\System32\WWanAPI.dll

2018-01-01 12:41:24 559512 ----a-w- C:\WINDOWS\System32\drivers\storport.sys

2018-01-01 12:41:18 7676296 ----a-w- C:\WINDOWS\System32\windows.storage.dll

2018-01-01 12:40:19 1206680 ----a-w- C:\WINDOWS\System32\hvix64.exe

2018-01-01 12:39:58 508264 ----a-w- C:\WINDOWS\System32\systemreset.exe

2018-01-01 12:39:53 902416 ----a-w- C:\WINDOWS\System32\winhttp.dll

2018-01-01 12:39:44 362904 ----a-w- C:\WINDOWS\System32\drivers\pci.sys

2018-01-01 12:39:17 677784 ----a-w- C:\WINDOWS\System32\drivers\cng.sys

2018-01-01 12:39:06 129432 ----a-w- C:\WINDOWS\System32\drivers\hvsocket.sys

2018-01-01 12:38:53 519152 ----a-w- C:\WINDOWS\System32\SecurityHealthService.exe

2018-01-01 12:38:43 38808 ----a-w- C:\WINDOWS\System32\drivers\Diskdump.sys

2018-01-01 12:38:24 3904808 ----a-w- C:\WINDOWS\explorer.exe

2018-01-01 12:38:15 727448 ----a-w- C:\WINDOWS\System32\drivers\fvevol.sys

2018-01-01 12:38:09 103320 ----a-w- C:\WINDOWS\System32\drivers\stornvme.sys

2018-01-01 12:37:57 461720 ----a-w- C:\WINDOWS\System32\wifitask.exe

2018-01-01 12:37:09 1426664 ----a-w- C:\WINDOWS\System32\AudioEng.dll

2018-01-01 12:36:57 113560 ----a-w- C:\WINDOWS\System32\icfupgd.dll

2018-01-01 12:36:32 57752 ----a-w- C:\WINDOWS\System32\drivers\netbios.sys

2018-01-01 12:36:25 413888 ----a-w- C:\WINDOWS\System32\AUDIOKSE.dll

2018-01-01 12:36:25 166296 ----a-w- C:\WINDOWS\System32\drivers\partmgr.sys

2018-01-01 12:36:20 374032 ----a-w- C:\WINDOWS\System32\vac.exe

2018-01-01 12:35:34 75160 ----a-w- C:\WINDOWS\System32\SecurityHealthProxyStub.dll

2018-01-01 12:35:16 1170008 ----a-w- C:\WINDOWS\System32\AudioSes.dll

2018-01-01 12:34:51 1336344 ----a-w- C:\WINDOWS\System32\ole32.dll

2018-01-01 12:34:45 7385088 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll

2018-01-01 12:34:45 260896 ----a-w- C:\WINDOWS\System32\mfps.dll

2018-01-01 12:34:43 87384 ----a-w- C:\WINDOWS\System32\remoteaudioendpoint.dll

2018-01-01 12:33:42 603920 ----a-w- C:\WINDOWS\System32\audiodg.exe

2018-01-01 12:33:36 2773400 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys

2018-01-01 12:32:57 4481240 ----a-w- C:\WINDOWS\System32\mfcore.dll

2018-01-01 12:32:30 617304 ----a-w- C:\WINDOWS\System32\TextInputFramework.dll

2018-01-01 12:27:27 713624 ----a-w- C:\WINDOWS\System32\drivers\vhdmp.sys

2018-01-01 12:27:26 163736 ----a-w- C:\WINDOWS\System32\drivers\wfplwfs.sys

2018-01-01 12:26:45 81304 ----a-w- C:\WINDOWS\System32\drivers\vmbkmcl.sys

2018-01-01 12:26:25 428952 ----a-w- C:\WINDOWS\System32\drivers\rdbss.sys

2018-01-01 12:25:50 147864 ----a-w- C:\WINDOWS\System32\drivers\wcifs.sys

2018-01-01 12:25:26 615768 ----a-w- C:\WINDOWS\System32\services.exe

2018-01-01 12:21:36 1103768 ----a-w- C:\WINDOWS\System32\drivers\http.sys

2018-01-01 12:21:34 614296 ----a-w- C:\WINDOWS\System32\drivers\afd.sys

2018-01-01 1249 311192 ----a-w- C:\WINDOWS\SysWow64\atmfd.dll

2018-01-01 12:03:39 650328 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe

2018-01-01 12:03:38 777904 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll

2018-01-01 12:03:36 566664 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll

2018-01-01 12:03:03 123512 ----a-w- C:\WINDOWS\SysWow64\sspicli.dll

2018-01-01 11:53:43 1615712 ----a-w- C:\WINDOWS\SysWow64\ntdll.dll

2018-01-01 11:49:35 258808 ----a-w- C:\WINDOWS\SysWow64\wscapi.dll

2018-01-01 11:49:11 481464 ----a-w- C:\WINDOWS\SysWow64\advapi32.dll

2018-01-01 11:46:57 289816 ----a-w- C:\WINDOWS\SysWow64\Windows.Storage.ApplicationData.dll

2018-01-01 11:46:25 3485392 ----a-w- C:\WINDOWS\SysWow64\explorer.exe

2018-01-01 11:45:54 5615968 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll

2018-01-01 11:45:34 6092152 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll

2018-01-01 11:45:26 450928 ----a-w- C:\WINDOWS\SysWow64\WWanAPI.dll

2018-01-01 11:42:56 982528 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll

2018-01-01 11:42:47 386424 ----a-w- C:\WINDOWS\SysWow64\AUDIOKSE.dll

2018-01-01 11:42:41 4644912 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll

2018-01-01 11:42:40 6479552 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll

2018-01-01 11:42:33 1246432 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll

2018-01-01 11:42:32 74992 ----a-w- C:\WINDOWS\SysWow64\remoteaudioendpoint.dll

2018-01-01 11:42:32 129184 ----a-w- C:\WINDOWS\SysWow64\mfps.dll

2018-01-01 11:42:32 1003152 ----a-w- C:\WINDOWS\SysWow64\ole32.dll

2018-01-01 11:37:35 25247232 ----a-w- C:\WINDOWS\System32\edgehtml.dll

.

============= FINISH: 0:08:47.93 ===============
Date: Jan 10, 2018   

