Thread: Premium Search Trojan

  1. #1
    Junior Member
    Join Date
    Jul 2020
    Posts
    11

    Premium Search Trojan

    Hello, I got infected with Premium Search and I was able to remove most of it with Spybot. Now I am having trouble with certain apps that won't load due to missing .dll files. Here are the ones I know about:

    Skype: missing - HID.DLL
    eMClient: missing DLL libcef

    I'm not sure what else may be going on but this computer is only a few months old and just seems to be acting weird! I have backups on an external drive that I could go back to if I must but there is an issue with that too. Dell has 6 partitions on my C: drive and 4 of them don't have drive letters and my backup program didn't like that so I haven't been backing up those partitions. Since I don't know what is on those partitions I'm hesitant to do a restore at this point in time. I'm using EaseUS Todo free version. But here is where I'm at right now.

    Following the instructions on "Before you post" I backed up my registry, got the Farbar logs, and downloaded aswMBR. But twice now while attempting to run the aswMBR tool, when I click "Yes" at the prompt "The computer supports 'Virtualization Technology'", it shows the Microsoft reporting tool screen and does a restart. I'm afraid to try it a 3rd time because after the 2nd time all I had was a black screen and I had to do a manual restart. I don't know where to go from here. Can someone help me? Thank you.

  2. #2
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    Don't worry about trying to run aswMBR again, my opinion is it's not compatible with your machine.

    When trying to find some information about the name you have Trojan Premium Search, I think it says linked to android, such as a phone?
    If you have tethered these two together or downloaded an app for your phone, find and delete that app.

    I need to see the two logs created from Farbar Recovery tool
    FRST.txt & Addition.txt should be on your Desktop. Copy the contents of both logs and paste in your next reply.
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #3
    Junior Member
    Join Date
    Jul 2020
    Posts
    11

    Quote: Originally Posted by Juliet
    Don't worry about trying to run aswMBR again, my opinion is it's not compatible with your machine.

    When trying to find some information about the name you have Trojan Premium Search, I think it says linked to android, such as a phone?
    If you have tethered these two together or downloaded an app for your phone, find and delete that app.

    I need to see the two logs created from Farbar Recovery tool
    FRST.txt & Addition.txt should be on your Desktop. Copy the contents of both logs and paste in your next reply.

    Hi Juliet and thank you for helping me.

    As far as the Android goes, the only thing that I can think of is an outdoor movie projector running Android 7.1. I downloaded the phone app named "Nebula Connect" to my iPhone. Everything else in the house is iOS. I will delete that app for now but I need it to run the projector so I might need to re-install it later, if that's ok? Here are the files:

    FRST_Addition.zip.zip

  4. #4
    Junior Member
    Join Date
    Jul 2020
    Posts
    11

    Juliet, I was just looking at my router's previously connected devices and I saw what is called "SmartInn Android Device Phone". I think it is related to the outdoor projector but I went ahead and blocked it anyways.

  5. #5
    Security Expert-emeritus Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    4,084

    If I'm right, even older items can still be found to have had access to your router....they might have been added to the rubbish bin a long time ago.

    You zipped files, I can't use those.
    If you can, please open the files, copy and paste in your next reply. If they are too large to fit in one post, make multiple posts please.

  6. #6
    Junior Member
    Join Date
    Jul 2020
    Posts
    11

    I'm sorry Juliet, I saw that .zip was an acceptable format so I used it. This is FRST Reply Logs #1:


    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2020 01
    Ran by shumi (administrator) on DESKTOP-AT4C6NI (Dell Inc. G5 5090) (18-07-2020 18:25:37)
    Running from C:\Users\Mike\Desktop
    Loaded Profiles: shumi & Mike
    Platform: Windows 10 Home Version 1909 18363.959 (X64) Language: English (United States)
    Default browser: Edge
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12107.3.48019.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
    (A-Volute -> Nahimic) C:\Windows\System32\NahimicService.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\Browny02\BrYNSvc.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
    (Brother Industries, Ltd.) [File not signed] C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
    (CHENGDU YIWO Tech Development Co., Ltd. -> ) C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
    (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
    (Dell Inc -> ) C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe
    (Dell Inc -> ) C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe
    (Dell Inc -> Dell Inc.) C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe
    (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Background.Server.exe
    (Dell Inc -> Dell Technologies) C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe
    (Dell Inc) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.89.0_x64__htrsf667h5kn2\AWCC.exe
    (Dell Inc) C:\Program Files\WindowsApps\DellInc.AlienwareCommandCenter_5.2.89.0_x64__htrsf667h5kn2\GameLibrary\GameLibraryAppService.exe
    (Dell Inc. -> Dell Inc.) C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe
    (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe
    (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe
    (Dell Technologies Inc. -> Dell Technologies Inc.) C:\Program Files\Dell\DellDataVault\nvapiw.exe <3>
    (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dal.inf_amd64_d52c63e0e1c02c96\jhi_service.exe
    (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_ecb9604542bb4ba6\RstMwService.exe
    (McAfee, Inc. -> McAfee LLC.) C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
    (McAfee, Inc. -> McAfee, LLC) C:\Windows\System32\mfevtps.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\CSP\3.6.124.0\McCSPServiceHost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\MMSSHost\MMSSHOST.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe <2>
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\ModuleCore\ProtectedModuleHost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\Platform\MSM\McSmtFwk.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\Common Files\McAfee\VSCore_20_4\mcapexe.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\MfeAV\MfeAVSvc.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\servicehost.exe
    (McAfee, LLC -> McAfee, LLC) C:\Program Files\McAfee\WebAdvisor\uihost.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <8>
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
    (Microsoft Corporation -> Microsoft Corporation) C:\Users\Mike\AppData\Local\Microsoft\OneDrive\OneDrive.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_12007.1001.2.0_x64__8wekyb3d8bbwe\WinStore.App.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBar.exe
    (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.XboxGamingOverlay_5.320.6242.0_x64__8wekyb3d8bbwe\GameBarFT.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <5>
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
    (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\vds.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.) C:\Windows\OEM05Mon.exe
    (Microsoft Windows Hardware Compatibility Publisher -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
    (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe
    (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe
    (Nuance Communications, Inc. -> Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\PDF Professional 7\PdfPro7Hook.exe
    (NVIDIA Corporation -> Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe <2>
    (NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_d270e5eea12c358c\Display.NvContainer\NVDisplay.Container.exe <2>
    (PC-Doctor, Inc. -> PC-Doctor, Inc.) C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe
    (Qualcomm Atheros -> Qualcomm Technologies Inc.) C:\Windows\System32\drivers\QcomWlanSrvx64.exe
    (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\RtkAudUService64.exe <3>
    (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPS.exe
    (Rivet Networks LLC -> Rivet Networks LLC) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtility.exe
    (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe
    (Rivet Networks LLC -> Rivet Networks) C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe
    (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe
    (Rivet Networks LLC -> Rivet Networks, LLC.) C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDQuarantine.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWelcome.exe
    (Safer-Networking Ltd. -> Safer-Networking Ltd.) C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe

    ==================== Registry (Whitelisted) ===================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\RtkAudUService64.exe [881440 2019-06-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
    HKLM\...\Run: [DellMobileConnectWelcome] => C:\Program Files\Dell\DellMobileConnectDrivers\DellMobileConnectWelcome.exe [345848 2019-06-20] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
    HKLM-x32\...\Run: [OEM05Mon.exe] => C:\Windows\OEM05Mon.exe [36864 2007-05-09] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
    HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-11-12] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4517376 2014-11-11] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [BrHelp] => C:\Program Files (x86)\Brother\Brother Help\BrotherHelp.exe [1939968 2014-10-22] (Brother Industries, Ltd.) [File not signed]
    HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [2075480 2013-06-24] (Flexera Software LLC -> Flexera Software LLC.)
    HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\Nuance\PaperPort\pptd40nt.exe [35648 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\Nuance\PaperPort\IndexSearch.exe [17600 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    HKLM-x32\...\Run: [PDFProHook] => C:\Program Files (x86)\Nuance\PDF Professional 7\pdfpro7hook.exe [641864 2013-03-20] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    HKLM-x32\...\Run: [Display] => C:\Program Files (x86)\APC\PowerChute Personal Edition\DataCollectionLauncher.exe
    HKLM-x32\...\Run: [SDTray] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDTray.exe [6787856 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    HKU\S-1-5-21-4258859072-2134369477-3650907842-1001\...\Run: [Spybot-S&D Cleaning] => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDCleaner.exe [7388304 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    HKU\S-1-5-21-4258859072-2134369477-3650907842-1001\...\RunOnce: [Application Restart #0] => C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe --flag-switches-begin --flag-switches-end --enable-audio-service-sandbox --restore-last-session --flag-switches-begin --flag-switches-end (the data entry has 94 more characters).
    HKU\S-1-5-21-4258859072-2134369477-3650907842-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\Ribbons.scr [151552 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Scheduled Tasks (Whitelisted) ============

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    Task: {055121b2-0927-4254-af0a-4f668e39e469} - no filepath
    Task: {1AAAC944-980E-473F-8523-1A0FC55D45E9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {1DB15D2E-B453-4B9E-8FDC-23E810D8642B} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {2cb54e1f-62d9-4c14-814c-955ef69c155b} - no filepath
    Task: {2EB0846B-4CD0-4887-8831-95F49B3B9C08} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [647656 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {30bdde01-accc-4d79-8aa1-44749ff27256} - no filepath
    Task: {3369d6ed-ba7f-49d1-8833-d3a224675608} - no filepath
    Task: {3497e3f2-c9b7-425a-9fec-440c2225f44b} - no filepath
    Task: {385D36D3-3AD7-4387-8977-4142A596D556} - System32\Tasks\NvTmRep_CrashReport1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {3993BE6A-2743-412C-B729-C32EAD59D2E0} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [3292984 2020-06-25] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {3c2803c4-858e-4647-bcea-ae4e80f67684} - no filepath
    Task: {3d72d2b4-03b7-4849-ab88-a5fff70cf3ca} - no filepath
    Task: {3F1405DA-0745-4CFA-B413-F2F495732CE0} - System32\Tasks\NahimicTask64 => C:\Windows\system32\.\NahimicSvc64.exe [1057016 2019-06-18] (A-Volute -> Nahimic)
    Task: {418c504c-83ed-4d71-969e-028375ff1e54} - no filepath
    Task: {466899a2-6185-4d64-8104-d216ee4a894f} - no filepath
    Task: {48EE3882-DA3C-44BF-BB45-A25F97D4D20D} - System32\Tasks\McAfee\DAD.Execute.Updates => C:\Program Files\Common Files\McAfee\DynamicAppDownloader\DADUpdater.exe [4185384 2020-05-15] (McAfee, LLC -> McAfee, LLC)
    Task: {4eab12b2-4683-4f9c-bde8-2392a04f3864} - no filepath
    Task: {4F340B10-30AF-4FE1-9EE3-6E5251C1A72E} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Check for updates => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdate.exe [7337200 2020-03-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    Task: {4FDD7CBC-2645-447D-AE36-0E9D1EAE4550} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonx64\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1850776 2020-07-18] (Microsoft Corporation -> Microsoft Corporation)
    Task: {5b49af16-6ab4-45fc-9d9d-dcd31eed3710} - no filepath
    Task: {5f143149-37b1-49a4-8891-7cd86fc9ae8b} - no filepath
    Task: {5f6a4b10-041d-4264-83bb-02eaed7bb197} - no filepath
    Task: {5FF006AF-4159-4149-A664-6B8E9EA53BD9} - System32\Tasks\NvTmRep_CrashReport3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {6192232A-F830-4F31-81DD-B19301E955AE} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {64253CA3-F8B8-4974-9130-1B2CB53BC978} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee VirusScan\upgrade.exe [4592776 2020-05-15] (McAfee, LLC -> McAfee, LLC)
    "C:\Windows\System32\Tasks\McAfee\McAfee Idle Detection Task" was unlocked. <==== ATTENTION
    Task: {69CCE445-F916-4131-88B0-2845873E702B} - System32\Tasks\McAfee\McAfee Idle Detection Task => {ABCDCA3B-DE6B-5A7C-B132-6D7CBA63E5C5} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1075528 2020-05-14] (McAfee, LLC -> McAfee, LLC)
    Task: {71696419-4242-4FC3-9F34-CC8D3773A445} - System32\Tasks\NahimicTask32 => C:\Windows\system32\..\SysWOW64\NahimicSvc32.exe [787696 2019-06-18] (A-Volute -> Nahimic)
    Task: {7CF3EFE3-768D-493A-B673-15E544A10E90} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Refresh immunization => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDImmunize.exe [5723640 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    Task: {81d18dbf-731c-4226-8e85-44bda75e5bc7} - no filepath
    Task: {872639B6-9AF3-4EDE-9F67-95202D1D5C40} - System32\Tasks\NvTmRep_CrashReport4_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {88705944-A5C0-4D71-B4B1-EAC80CBDCC59} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Task: {8BBC14B8-74FE-48CE-97DE-8C52B69F89B4} - System32\Tasks\McAfeeLogon => C:\Program Files\Common Files\McAfee\Platform\McUICnt.exe [764640 2020-06-08] (McAfee, LLC -> McAfee, LLC)
    Task: {8bc86d5f-5453-4d79-b4f2-dac073199006} - no filepath
    Task: {8E014A58-DE32-42AD-AB9C-499813346BCA} - System32\Tasks\Dell SupportAssistAgent AutoUpdate => C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistInstaller.exe [1553880 2020-05-03] (Dell Inc. -> Dell Inc.)
    Task: {8F32BDA6-7819-48C6-8840-73E912D1F49E} - System32\Tasks\McAfee\McAfee Auto Maintenance Task Agent => {ABCECA3B-EA5A-496B-A021-5C6BAB365E5C} C:\Program Files\Common Files\McAfee\TaskScheduler\McAMTaskAgent.exe [1075528 2020-05-14] (McAfee, LLC -> McAfee, LLC)
    Task: {92BE591D-26ED-493D-A459-9127F1040AE1} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23815032 2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Task: {9553b533-d4c8-4a4d-a7a9-beecf3652c25} - no filepath
    Task: {964ea2cc-52f0-4e92-957f-8c54d1145996} - no filepath
    Task: {9e5834c3-5a31-45d9-8652-74df9bb6aea7} - no filepath
    Task: {A1D9C246-3D7D-4355-818E-78406D29D57C} - System32\Tasks\NahimicSvc64Run => C:\Windows\system32\NahimicSvc64.exe [1057016 2019-06-18] (A-Volute -> Nahimic)
    Task: {a687a4ff-47a3-4310-a426-fa53bba6280a} - no filepath
    Task: {AD7D15C5-D95E-4868-999C-6B5180C26D39} - System32\Tasks\NahimicSvc32Run => C:\Windows\SysWOW64\NahimicSvc32.exe [787696 2019-06-18] (A-Volute -> Nahimic)
    Task: {BBBD58FE-B34B-4FC1-8103-592C128E5CB4} - System32\Tasks\Safer-Networking\Spybot - Search and Destroy\Scan the system => C:\Program Files (x86)\Spybot - Search & Destroy 2\SDScan.exe [6166736 2020-03-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    Task: {BE88915C-2E57-4B46-B71A-DC0BF34F0AF3} - System32\Tasks\McAfee\McAfee DAT Built in test => C:\Program Files\Common Files\McAfee\AMContent\scanners\x86_64\datrep\1.0.9.577\mcdatrep.exe [1826656 2020-03-28] (McAfee, Inc. -> McAfee, LLC.)
    Task: {d0815cd0-a575-4fde-82fb-9a3e8c9b4c24} - no filepath
    Task: {d7bc42e8-f1a0-44dd-a2e6-96ed36ff930f} - no filepath
    Task: {E1074DC0-A698-4A19-9566-62E5CE6DF870} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [170856 2020-07-18] (Microsoft Corporation -> Microsoft Corporation)
    Task: {e8c27b85-79f2-4f76-99e2-433d872ae0cf} - no filepath
    Task: {ECDAA5FD-EDBF-4097-8AD0-35377637E1FA} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [907240 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)
    Task: {EF7E138F-4FB5-4B9E-AE85-FA6129B91238} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [170856 2020-07-18] (Microsoft Corporation -> Microsoft Corporation)
    Task: {FE418BE1-B272-4D93-8246-26D35BA8FA89} - System32\Tasks\NvTmRep_CrashReport2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvBackend\NvTmRep.exe [1126888 2020-06-23] (NVIDIA Corporation -> NVIDIA Corporation)

    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
    Tcpip\..\Interfaces\{6772d706-e188-4efa-8c4e-cf8cfea44e65}: [DhcpNameServer] 192.168.1.254

    Internet Explorer:
    ==================
    HKU\S-1-5-21-4258859072-2134369477-3650907842-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
    HKU\S-1-5-21-4258859072-2134369477-3650907842-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=DCTE
    HKU\S-1-5-21-4258859072-2134369477-3650907842-1007\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.yahoo.com/
    HKU\S-1-5-21-4258859072-2134369477-3650907842-1007\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.msn.com/?pc=DCTE
    BHO: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\x64\IEPlugin.dll [2020-07-16] (McAfee, LLC -> McAfee, LLC)
    BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2020-04-02] (Microsoft Corporation -> Microsoft Corporation)
    BHO-x32: PlusIEEventHelper Class -> {551A852F-39A6-44A7-9C13-AFBEC9185A9D} -> C:\Program Files (x86)\Nuance\PDF Professional 7\Bin\PlusIEContextMenu.dll [2011-06-30] (Zeon Corporation -> Zeon Corporation)
    BHO-x32: McAfee WebAdvisor -> {B164E929-A1B6-4A06-B104-2CD0E90A88FF} -> C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll [2020-07-16] (McAfee, LLC -> McAfee, LLC)
    Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2020-07-07] (Microsoft Corporation -> Microsoft Corporation)
    Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files\McAfee\MSC\McSnIePl64.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)
    Filter-x32: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll [2020-06-08] (McAfee, LLC -> McAfee, LLC)

    Edge:
    ======
    DownloadDir: D:\shumi\Downloads
    Edge HomeButtonPage: HKU\S-1-5-21-4258859072-2134369477-3650907842-1001 -> hxxp://yahoo.com/
    Edge HomeButtonPage: HKU\S-1-5-21-4258859072-2134369477-3650907842-1007 -> hxxps://www.yahoo.com/
    Edge Extension: (No Name) -> hdokiejnpimakedhajhdlcegeplioahd_LastPassLastPassFreePasswordManager_qq0fmhteeht3j => C:\Program Files\WindowsApps\LastPass.LastPassFreePasswordManager_4.50.1.0_neutral__qq0fmhteeht3j [not found]
    Edge DefaultProfile: Default
    Edge Profile: C:\Users\shumi\AppData\Local\Microsoft\Edge\User Data\Default [2020-07-18]
    Edge DownloadDir: D:\shumi\Downloads
    Edge HomePage: Default -> hxxp://yahoo.com/
    Edge StartupUrls: Default -> "hxxps://www.yahoo.com/"

    FireFox:
    ========
    FF HKLM\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    FF Extension: (McAfee® WebAdvisor) - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi [2020-07-16] [UpdateUrl:hxxps://sadownload.mcafee.com/products/SA/Win/xpi/webadvisor/update.json]
    FF HKLM\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSKHKLM => not found
    FF HKLM-x32\...\Firefox\Extensions: [{4ED1F68A-5463-4931-9384-8FFF5ED91D92}] - C:\Program Files\McAfee\WebAdvisor\e10ssaffplg.xpi
    FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK
    FF Extension: (McAfee Anti-Spam Thunderbird Extension) - C:\Program Files\McAfee\MSK [2020-07-05] [Legacy] [not signed]
    FF Plugin: @mcafee.com/MSC,version=10 -> C:\Program Files\McAfee\MSC\npMcSnFFPl64.dll [2020-06-08] (McAfee, LLC -> )
    FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-04-02] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: @mcafee.com/MSC,version=10 -> C:\Program Files (x86)\McAfee\MSC\npMcSnFFPl.dll [2020-06-08] (McAfee, LLC -> )
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2020-04-02] (Microsoft Corporation -> Microsoft Corporation)
    FF Plugin-x32: ZEON/PDF,version=2.0 -> C:\Program Files (x86)\Nuance\PDF Professional 7\bin\nppdf.dll [2011-07-15] (Zeon Corporation -> Zeon Corporation)

    Chrome:
    =======
    CHR HKLM\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]
    CHR HKLM-x32\...\Chrome\Extension: [fheoggkfdfchfphceeifdbepaooicaho]

    ==================== Services (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    R2 AWCCService; C:\Program Files\Alienware\Alienware Command Center\AWCC.Service.exe [15424 2020-03-26] (Dell Inc -> Dell Technologies)
    R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [289792 2014-10-23] (Brother Industries, Ltd.) [File not signed]
    R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [10574712 2020-07-02] (Microsoft Corporation -> Microsoft Corporation)
    R2 DDVCollectorSvcApi; C:\Program Files\Dell\DellDataVault\DDVCollectorSvcApi.exe [248376 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
    S2 DDVDataCollector; C:\Program Files\Dell\DellDataVault\DDVDataCollector.exe [3359288 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
    R2 DDVRulesProcessor; C:\Program Files\Dell\DellDataVault\DDVRulesProcessor.exe [271416 2020-01-22] (Dell Technologies Inc. -> Dell Technologies Inc.)
    R2 Dell Digital Delivery Services; C:\Program Files (x86)\Dell Digital Delivery Services\Dell.D3.WinSvc.exe [38096 2020-01-24] (Dell Inc -> )
    R2 Dell Hardware Support; C:\Program Files\Dell\SupportAssistAgent\PCDr\SupportAssist\6.0.7106.1428\DSAPI.exe [965104 2020-05-05] (PC-Doctor, Inc. -> PC-Doctor, Inc.)
    R2 Dell SupportAssist Remediation; C:\Program Files\Dell\SARemediation\agent\DellSupportAssistRemedationService.exe [308424 2019-09-25] (Dell Inc -> Dell Inc.)
    R2 DellClientManagementService; C:\Program Files (x86)\Dell\UpdateService\ServiceShell.exe [36544 2020-04-17] (Dell Inc -> )
    R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [40104 2019-11-15] (CHENGDU YIWO Tech Development Co., Ltd. -> CHENGDU YIWO Tech Development Co., Ltd)
    R2 Killer Analytics Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerAnalyticsService.exe [1731592 2019-10-22] (Rivet Networks LLC -> Rivet Networks)
    R2 Killer Network Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KillerNetworkService.exe [2649608 2019-10-22] (Rivet Networks LLC -> Rivet Networks)
    R3 Killer Wifi Optimization Service; C:\Windows\System32\drivers\RivetNetworks\Killer\KAPSService.exe [73720 2019-10-22] (Rivet Networks LLC -> Rivet Networks, LLC.)
    R2 McAfee WebAdvisor; C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe [946256 2020-07-16] (McAfee, LLC -> McAfee, LLC)
    R2 McAPExe; C:\Program Files\Common Files\McAfee\VSCore_20_4\McApExe.exe [768256 2020-06-08] (McAfee, LLC -> McAfee, LLC)
    S3 McAWFwk; C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe [460704 2019-08-14] (McAfee, LLC. -> McAfee, Inc.)
    R2 mccspsvc; C:\Program Files\Common Files\McAfee\CSP\3.6.124.0\\McCSPServiceHost.exe [2726312 2020-05-28] (McAfee, LLC -> McAfee, LLC)
    S3 mfefire; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
    R2 mfemms; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
    R3 mfevtp; C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe [644200 2020-03-27] (McAfee, Inc. -> McAfee, LLC)
    R2 ModuleCoreService; C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe [1742272 2020-05-15] (McAfee, LLC -> McAfee, LLC)
    R2 NahimicService; C:\Windows\system32\NahimicService.exe [1305840 2019-06-18] (A-Volute -> Nahimic)
    R2 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [874472 2020-05-07] (NVIDIA Corporation -> NVIDIA Corporation)
    R2 PDFProFiltSrvPP; C:\Program Files (x86)\Nuance\PaperPort\PDFProFiltSrvPP.exe [77336 2015-01-19] (Nuance Communications, Inc. -> Nuance Communications, Inc.)
    R2 PEFService; C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe [4212808 2020-05-26] (McAfee, LLC -> McAfee, LLC)
    R2 SDScannerService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDFSSvc.exe [3892080 2019-03-19] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    R2 SDUpdateService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDUpdSvc.exe [4741680 2020-03-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    R2 SDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy 2\SDWSCSvc.exe [940976 2019-09-04] (Safer-Networking Ltd. -> Safer-Networking Ltd.)
    R2 SupportAssistAgent; C:\Program Files\Dell\SupportAssistAgent\bin\SupportAssistAgent.exe [38360 2020-05-03] (Dell Inc. -> Dell Inc.)
    S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [4098056 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
    S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [113992 2019-03-18] (Microsoft Corporation -> Microsoft Corporation)
    S2 xTendSoftAPService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendSoftAPService.exe [73728 2019-10-22] (Rivet Networks LLC -> Rivet Networks, LLC.)
    R2 xTendUtilityService; C:\Windows\System32\drivers\RivetNetworks\Killer\xTendUtilityService.exe [73736 2019-10-22] (Rivet Networks LLC -> Rivet Networks, LLC.)
    S3 XTU3SERVICE; C:\Windows\SysWOW64\XtuService.exe [79960 2019-08-08] (Intel Corporation -> Intel(R) Corporation)
    R2 NVDisplay.ContainerLocalSystem; C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_d270e5eea12c358c\Display.NvContainer\NVDisplay.Container.exe -s NVDisplay.ContainerLocalSystem -f %ProgramData%\NVIDIA\NVDisplay.ContainerLocalSystem.log -l 3 -d C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_d270e5eea12c358c\Display.NvContainer\plugins\LocalSystem -r -p 30000 -cfg NVDisplay.ContainerLocalSystem\LocalSystem

    ===================== Drivers (Whitelisted) ===================

    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

    S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20640 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35560 2018-05-10] (WDKTestCert build,131474841775766162 -> Apple Inc.)
    R3 AWCCDriver; C:\Windows\System32\drivers\AWCCDriver.sys [42440 2020-03-21] (IndiLogic LLC -> Dell Inc.)
    S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [231936 2020-03-21] (Microsoft Corporation) [File not signed]
    R3 cfwids; C:\Windows\System32\drivers\cfwids.sys [75704 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
    R3 CyUcmClient_Device; C:\Windows\System32\drivers\CyUcmClient.sys [165224 2019-05-21] (Cypress Semiconductor Corporation -> Cypress Semiconductor Corporation)
    R3 DBUtilDrv2; C:\Windows\System32\drivers\DBUtilDrv2.sys [24952 2020-05-25] (Microsoft Windows Hardware Compatibility Publisher -> )
    R4 DBUtil_2_3; C:\Windows\TEMP\DBUtil_2_3.Sys [14840 2020-07-17] (Dell Inc. -> )
    R3 DDDriver; C:\Windows\System32\drivers\dddriver64Dcsa.sys [35704 2020-01-03] (Microsoft Windows Hardware Compatibility Publisher -> Dell Inc.)
    R3 e2kw10x64; C:\Windows\System32\drivers\e2kw10x64.sys [1168168 2019-07-09] (Realtek Semiconductor Corp. -> Realtek)
    R0 EUBAKUP; C:\Windows\System32\drivers\eubakup.sys [73448 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
    R0 EUBKMON; C:\Windows\System32\drivers\EUBKMON.sys [53504 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> )
    R1 EUDSKACS; C:\Windows\system32\drivers\eudskacs.sys [22784 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
    R1 EUFDDISK; C:\Windows\system32\drivers\EuFdDisk.sys [341760 2019-06-28] (Microsoft Windows Hardware Compatibility Publisher -> CHENGDU YIWO Tech Development Co., Ltd)
    S3 HipShieldK; C:\Windows\System32\drivers\HipShieldK.sys [218960 2020-05-26] (McAfee, LLC -> McAfee, Inc.)
    R3 KfeCoSvc; C:\Windows\System32\drivers\RivetNetworks\Killer\KfeCo10X64.sys [179336 2019-10-22] (Rivet Networks LLC -> Rivet Networks, LLC.)
    R3 mfeaack; C:\Windows\System32\drivers\mfeaack.sys [528824 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
    R3 mfeavfk; C:\Windows\System32\drivers\mfeavfk.sys [382392 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
    S0 mfeelamk; C:\Windows\System32\drivers\mfeelamk.sys [85928 2020-04-09] (Microsoft Windows Early Launch Anti-malware Publisher -> McAfee, LLC)
    R3 mfefirek; C:\Windows\System32\drivers\mfefirek.sys [521648 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
    R0 mfehidk; C:\Windows\System32\drivers\mfehidk.sys [1000880 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
    R3 mfencbdc; C:\Windows\System32\DRIVERS\mfencbdc.sys [595592 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
    S3 mfencrk; C:\Windows\System32\DRIVERS\mfencrk.sys [108168 2020-05-01] (McAfee, Inc. -> McAfee LLC.)
    R3 mfeplk; C:\Windows\System32\drivers\mfeplk.sys [116664 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
    R0 mfewfpk; C:\Windows\System32\drivers\mfewfpk.sys [252336 2020-04-09] (McAfee, Inc. -> McAfee, LLC)
    R3 nvlddmkm; C:\Windows\System32\DriverStore\FileRepository\nvddi.inf_amd64_d270e5eea12c358c\nvlddmkm.sys [24671128 2020-06-22] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 NvModuleTracker; C:\Windows\System32\drivers\NvModuleTracker.sys [50592 2020-03-04] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvad_WaveExtensible; C:\Windows\system32\drivers\nvvad64v.sys [69840 2019-04-17] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 nvvhci; C:\Windows\System32\drivers\nvvhci.sys [67456 2020-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
    R3 OEM05Afx; C:\Windows\system32\Drivers\OEM05Afx.sys [212864 2007-06-08] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
    R3 OEM05Vfx; C:\Windows\system32\DRIVERS\OEM05Vfx.sys [12288 2007-03-05] (Microsoft Windows Hardware Compatibility Publisher -> EyePower Games Pte. Ltd.)
    R3 OEM05Vid; C:\Windows\system32\DRIVERS\OEM05Vid.sys [266720 2007-07-20] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
    R3 ScrHIDDriver2; C:\Windows\System32\drivers\ScrHIDDriver2.sys [68576 2019-06-13] (SCREENOVATE TECHNOLOGIES LTD. -> Screenovate Technologies Ltd.)
    S0 Spybot3ELAM; C:\Windows\System32\drivers\Spybot3ELAM.sys [19904 2019-06-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Windows (R) Win 7 DDK provider)
    R3 UcmCxUcsiNvppc; C:\Windows\System32\DriverStore\FileRepository\nvppc.inf_amd64_0f22333f160a8f42\UcmCxUcsiNvppc.sys [774856 2020-06-21] (NVIDIA Corporation -> NVIDIA Corporation)
    S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [46472 2019-03-18] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
    S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [333784 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [62432 2019-03-18] (Microsoft Windows -> Microsoft Corporation)
    R3 XTUComponent; C:\Windows\System32\drivers\iocbios2.sys [47520 2019-08-08] (Intel Corporation -> Intel Corporation)

    ==================== NetSvcs (Whitelisted) ===================
