Logfile of random's system information tool 1.10 (written by random/random)
Run by up at 2017-01-16 17:02:34
Microsoft Windows 10 Home
System drive C: has 74 GB (47%) free of 157 GB
Total RAM: 8190 MB (81% free)

HijackThis download failed

======Listing Processes======

C:\Windows\system32\lsass.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k RPCSS
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe"
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\System32\svchost.exe -k NetworkService
C:\Windows\System32\svchost.exe -k utcsvc
C:\Windows\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k appmodel
taskeng.exe {E47DF8F5-1AD2-4CFA-94FC-1854CFB8B429}
C:\Windows\system32\SearchIndexer.exe /Embedding
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Program Files (x86)\Google\Update\GoogleUpdate.exe" /c
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler.exe"
"C:\Program Files (x86)\Google\Update\1.3.31.5\GoogleCrashHandler64.exe"
"C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe"
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
dashost.exe {b27bd4a0-3be2-4608-860065087f445193}
"C:\Windows\System32\WUDFHost.exe" -HostGUID:{193a1820-d9ac-4997-8c55-be817523f6aa} -IoEventPortName:HostProcess-15f4d66f-95c4-4ef9-a55f-39f5142fba21 -SystemEventPortName:HostProcess-a2fefba8-575f-4f11-baba-9a63486a40cd -IoCancelEventPortName:HostProcess-b5ce3151-7602-4bbb-9f02-b47929693907 -NonStateChangingEventPortName:HostProcess-90e3a6dd-942a-4598-a101-3d80faa8d4c7 -ServiceSID:S-1-5-80-2652678385-582572993-1835434367-1344795993-749280709 -LifetimeId:4503e235-d1c7-4511-9f70-e1222981b8ec -DeviceGroupId:WpdFsGroup
C:\Windows\System32\WinLogon.exe -SpecialSession
"dwm.exe"
sihost.exe
taskhostw.exe {222A245B-E637-4AE9-A93F-A59CA119A75E}
C:\Windows\Explorer.EXE
C:\Windows\System32\RuntimeBroker.exe -Embedding
"C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe" -ServerName:App.AppXtk181tbxbce2qsex02s8tw7hfxa9xb3t.mca
"C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe" -ServerName:CortanaUI.AppXa50dqqa5gqv4a428c9y1jjw7m3btvepj.mca
C:\Windows\system32\SettingSyncHost.exe -Embedding
"C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe"
"C:\Users\up\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
"C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe"
"C:\Windows\System32\CtHelper.exe"
C:\Windows\system32\svchost.exe -k UnistackSvcGroup
"C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
C:\Windows\system32\ApplicationFrameHost.exe -Embedding
"C:\Windows\ImmersiveControlPanel\SystemSettings.exe" -ServerName:microsoft.windows.immersivecontrolpanel
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe_S-1-5-21-2298669027-3435562919-2687061383-1002746_ Global\UsGthrCtrlFltPipeMssGthrPipe_S-1-5-21-2298669027-3435562919-2687061383-1002746 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" "1"
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe" -ServerName:MicrosoftEdge.AppXdnhjhccw3zf0j06tkg3jtqr00qdm0khc.mca
C:\Windows\system32\browser_broker.exe -Embedding
C:\Windows\system32\AUDIODG.EXE 0x1d6c
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe" SCODEF:7636 CREDAT:140546 EDGEHOST /prefetch:6
"C:\Windows\system32\SearchFilterHost.exe" 0 604 616 624 8192 620
"C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe747_ Global\UsGthrCtrlFltPipeMssGthrPipe747 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon"
"D:\Downloads\RSITx64.exe"
"C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe" SCODEF:7636 CREDAT:271661 EDGEHOST /prefetch:6
"D:\Downloads\RSITx64 (1).exe"
C:\Windows\system32\wbem\wmiprvse.exe

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\Windows\tasks\UCBrowserUpdater.job - C:\Program Files (x86)\UCBrowser\Application\update_task.exe /update

=========Mozilla firefox=========

ProfilePath - C:\Users\up\AppData\Roaming\Mozilla\Firefox\Profiles\clog2f2d.default

prefs.js - "browser.search.useDBForOrder" - false
prefs.js - "browser.startup.homepage" - "http://www-searching.com/?site=shyosffdefault&prd=set_ff&s=g9hzftptn095001au, f3c9e472-2ccd-4b2e-82ac-f3b8adcf3213, "

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_23_0_0_185.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/DTPlugin,version=11.101.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@java.com/JavaPlugin,version=11.101.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files (x86)\Java\jre1.8.0_101\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVision]
"Description"=NVIDIA stereo images plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@nvidia.com/3DVisionStreaming]
"Description"=NVIDIA 3D Vision Streaming plugin for Mozilla browsers
"Path"=C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files (x86)\Google\Update\1.3.31.5\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 23.0.0.185 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF64_23_0_0_185.dll

C:\Users\up\AppData\Roaming\Mozilla\Firefox\Profiles\clog2f2d.default\searchplugins\
amazon.xml
gk0exgsh.xml
smod.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\ssv.dll [2016-09-15 473152]

[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files (x86)\Java\jre1.8.0_101\bin\jp2ssv.dll [2016-09-15 186944]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"AsioReg"=REGSVR32.EXE /S CTASIO.DLL []
"ShadowPlay"=C:\Windows\system32\nvspcap64.dll [2016-09-30 1842624]
"SpaceSoundPro"=C:\Program Files\SpaceSoundPro\SpaceSoundPro.exe [2015-08-03 4203520]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\up\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2016-09-07 633024]
"apphide"=C:\Program Files (x86)\sbqh\uc.exe [2016-09-11 294959]
"ComputerZ-Tray"=c:\program files (x86)\ludashi\ComputerZTray.exe [2016-08-24 2976680]
"World of Tanks"=C:\Games\World_of_Tanks\WargamingGameUpdater.exe []
"Steam"=C:\Program Files (x86)\Steam\steam.exe [2016-07-23 2917456]

[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"AsioThk32Reg"=REGSVR32.EXE /S CTASIO.DLL []
"CTHelper"=CTHELPER.EXE []
"CTxfiHlp"=CTXFIHLP.EXE []
"SunJavaUpdateSched"=C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [2016-06-22 598552]
"app"=C:\Program Files (x86)\sbqh\uc.exe [2016-09-11 294959]
"DiskPower"=C:\Program Files (x86)\DPower\DiskPower.exe [2016-07-21 210432]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.11.376\SSScheduler.exe

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\TileDataModelSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\zdengine]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\zdwfp]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux3"=wdmaud.drv
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"aux4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"wave6"=wdmaud.drv
"midi6"=wdmaud.drv
"mixer6"=wdmaud.drv
"wave7"=wdmaud.drv
"midi7"=wdmaud.drv
"mixer7"=wdmaud.drv
"wave8"=wdmaud.drv
"midi8"=wdmaud.drv
"mixer8"=wdmaud.drv
"wave9"=wdmaud.drv
"midi9"=wdmaud.drv
"mixer9"=wdmaud.drv
"aux2"=wdmaud.drv
"aux5"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2017-01-16 17:02:34 ----DC---- C:\Program Files\trend micro
2017-01-16 17:02:34 ----D---- C:\rsit
2017-01-03 18:42:17 ----D---- C:\Program Files (x86)\Steam

======List of files/folders modified in the last 1 month======

2017-01-16 17:02:34 ----RDC---- C:\Program Files
2017-01-16 17:01:32 ----D---- C:\Windows\Prefetch
2017-01-16 16:56:04 ----D---- C:\Windows\Temp
2017-01-16 16:49:10 ----D---- C:\Windows\Microsoft.NET
2017-01-16 16:39:05 ----D---- C:\Windows\AppReadiness
2017-01-16 16:38:51 ----D---- C:\Windows\system32\Tasks
2017-01-16 16:38:14 ----D---- C:\Windows\system32\sru
2017-01-11 18:47:13 ----D---- C:\Windows\system32\config
2017-01-05 12:16:44 ----SHD---- C:\System Volume Information
2017-01-03 18:46:05 ----D---- C:\Windows\system32\NDF
2017-01-03 18:42:17 ----RD---- C:\Program Files (x86)
2017-01-03 18:37:24 ----D---- C:\Users\up\AppData\Roaming\Ludashi
2017-01-03 18:34:02 ----D---- C:\ProgramData\NVIDIA
2016-12-25 23:27:02 ----AD---- C:\Program Files (x86)\Minecraft

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\Windows\system32\drivers\filecrypt.sys [2016-04-23 87552]
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\Windows\System32\drivers\gpuenergydrv.sys [2015-10-30 8192]
R1 MaohaWifiNetPro;MaohaWifiNetPro; \??\C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaoHaWiFiNet64.sys [2015-10-27 871152]
R2 ComputerZLock;ComputerZLock; \??\C:\Program Files (x86)\LuDaShi\ComputerZLock_x64.sys [2016-05-19 44264]
R2 KuaiZipDrive;KuaiZipDrive; \??\C:\Windows\system32\drivers\KuaiZipDrive.sys [2016-09-17 92872]
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\Windows\system32\drivers\mmcss.sys [2015-10-30 47616]
R2 RMCAST;@%SystemRoot%\system32\wshrm.dll,-102; C:\Windows\system32\DRIVERS\RMCAST.sys [2016-04-27 147968]
R2 storqosflt;@%SystemRoot%\System32\drivers\storqosflt.sys,-101; C:\Windows\system32\drivers\storqosflt.sys [2015-10-30 78848]
R3 ComputerZ_x64;ComputerZ_x64; \??\C:\program files (x86)\ludashi\ComputerZ_x64.sys [2016-06-27 49152]
R3 NVHDA;@oem9.inf,%NVHDA.SvcDesc%;Service for NVIDIA High Definition Audio Driver; C:\Windows\system32\drivers\nvhda64v.sys [2016-06-07 149960]
R3 nvlddmkm;nvlddmkm; C:\Windows\system32\DRIVERS\nvlddmkm.sys [2016-08-16 14199352]
R3 NVNET;@netnvm64.inf,%NVENETFD.Service.DispName%;NVIDIA nForce Ethernet Driver; C:\Windows\System32\drivers\nvmf6264.sys [2015-10-30 344192]
R3 nvvad_WaveExtensible;@oem13.inf,%nvvad_WaveExtensible.SvcDesc%;NVIDIA Virtual Audio Device (Wave Extensible) (WDM); C:\Windows\system32\drivers\nvvad64v.sys [2016-08-23 46016]
S0 LSI_SAS2i;LSI_SAS2i; C:\Windows\System32\drivers\lsi_sas2i.sys [2015-10-30 104800]
S0 LSI_SAS3i;LSI_SAS3i; C:\Windows\System32\drivers\lsi_sas3i.sys [2015-10-30 99168]
S0 percsas2i;percsas2i; C:\Windows\System32\drivers\percsas2i.sys [2015-10-30 58208]
S0 percsas3i;percsas3i; C:\Windows\System32\drivers\percsas3i.sys [2015-10-30 58720]
S0 storufs;@storufs.inf,%UfsServiceDesc%;Microsoft Universal Flash Storage (UFS) Driver; C:\Windows\System32\drivers\storufs.sys [2015-10-30 34144]
S3 bcmfn;@bcmfn.inf,%bcmfn.SVCDESC%;bcmfn Service; C:\Windows\System32\drivers\bcmfn.sys [2015-10-30 9728]
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\Windows\System32\drivers\buttonconverter.sys [2015-10-30 37376]
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\Windows\System32\drivers\capimg.sys [2016-04-27 117248]
S3 COMMONFX.DLL;COMMONFX.DLL; C:\Windows\System32\COMMONFX.DLL [2007-04-12 151296]
S3 CT20XUT.DLL;CT20XUT.DLL; C:\Windows\System32\CT20XUT.DLL [2007-04-10 252712]
S3 ctac32k;@oem3.inf,%CTAC32K.SvcDesc%;Creative AC3 Software Decoder; C:\Windows\system32\drivers\ctac32k.sys [2007-04-10 580904]
S3 ctaud2k;@oem3.inf,%CTAUD2K.SvcDesc%;Creative Audio Driver (WDM); C:\Windows\system32\drivers\ctaud2k.sys [2007-04-10 863016]
S3 CTAUDFX.DLL;CTAUDFX.DLL; C:\Windows\System32\CTAUDFX.DLL [2007-04-10 700200]
S3 CTEAPSFX.DLL;CTEAPSFX.DLL; C:\Windows\System32\CTEAPSFX.DLL [2007-04-10 219432]
S3 CTEDSPFX.DLL;CTEDSPFX.DLL; C:\Windows\System32\CTEDSPFX.DLL [2007-04-10 321832]
S3 CTEDSPIO.DLL;CTEDSPIO.DLL; C:\Windows\System32\CTEDSPIO.DLL [2007-04-10 190248]
S3 CTEDSPSY.DLL;CTEDSPSY.DLL; C:\Windows\System32\CTEDSPSY.DLL [2007-04-10 363304]
S3 CTERFXFX.DLL;CTERFXFX.DLL; C:\Windows\System32\CTERFXFX.DLL [2007-04-10 142120]
S3 CTEXFIFX.DLL;CTEXFIFX.DLL; C:\Windows\System32\CTEXFIFX.DLL [2007-04-10 1571112]
S3 CTHWIUT.DLL;CTHWIUT.DLL; C:\Windows\System32\CTHWIUT.DLL [2007-04-10 123688]
S3 ctprxy2k;@oem3.inf,%CTPRXY2K.SvcDesc%;Creative Proxy Driver; C:\Windows\system32\drivers\ctprxy2k.sys [2007-04-10 17192]
S3 CTSBLFX.DLL;CTSBLFX.DLL; C:\Windows\System32\CTSBLFX.DLL [2007-04-10 681256]
S3 ctsfm2k;@oem3.inf,%CTSFM2K.SvcDesc%;Creative SoundFont Management Device Driver; C:\Windows\system32\drivers\ctsfm2k.sys [2007-04-10 290600]
S3 dg_ssudbus;@oem7.inf,%ssud.Service.DeviceDesc%;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2016-09-05 131712]
S3 emupia;@oem3.inf,%EMUPIA.SvcDesc%;E-mu Plug-in Architecture Driver; C:\Windows\system32\drivers\emupia2k.sys [2007-04-10 147752]
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\Windows\System32\drivers\genericusbfn.sys [2015-10-30 20992]
S3 ha10kx2k;@oem3.inf,%HA10KX.SvcDesc%;Creative Hardware Abstract Layer Driver; C:\Windows\system32\drivers\ha10kx2k.sys [2007-04-10 1359144]
S3 hap16v2k;@oem3.inf,%HAP16V2K.SvcDesc%;Creative P16V HAL Driver; C:\Windows\system32\drivers\hap16v2k.sys [2007-04-10 259880]
S3 hap17v2k;@oem3.inf,%HAP17V2K.SvcDesc%;Creative P17V HAL Driver; C:\Windows\system32\drivers\hap17v2k.sys [2007-04-10 295208]
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\Windows\System32\drivers\hidinterrupt.sys [2015-10-30 50016]
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\Windows\System32\drivers\iai2c.sys [2015-10-30 81408]
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\Windows\System32\drivers\iaLPSS2i_I2C.sys [2015-10-30 165888]
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\Windows\System32\drivers\ibbus.sys [2015-10-30 424800]
S3 IoQos;@%SystemRoot%\system32\drivers\ioqos.sys,-100; C:\Windows\system32\drivers\ioqos.sys [2015-10-30 26624]
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\Windows\System32\drivers\mlx4_bus.sys [2015-10-30 705376]
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\Windows\System32\drivers\ndfltr.sys [2015-10-30 76128]
S3 NvStreamKms;NVIDIA KMS; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-09-30 27584]
S3 ossrv;@oem3.inf,%OSSRV.SvcDesc%;Creative OS Services Driver; C:\Windows\system32\drivers\ctoss2k.sys [2007-04-10 218408]
S3 ReFSv1;ReFSv1; C:\Windows\system32\drivers\ReFSv1.sys [2015-10-30 930656]
S3 SWDUMon;SWDUMon; C:\Windows\system32\DRIVERS\SWDUMon.sys [2016-11-24 25608]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R2 MaohaWifiSvr;MaohaWiFiService; C:\Program Files (x86)\GreatMaker\MaohaWiFi\MaohaWifiSvr.exe [2014-12-18 170464]
R2 OneSyncSvc_1a8f293f;Host synchroniseren_1a8f293f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R2 Stereo Service;NVIDIA Stereoscopic 3D Driver Service; C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvscpapisvr.exe [2016-08-11 426040]
R3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
R3 PimIndexMaintenanceSvc_1a8f293f;Contact Data_1a8f293f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
R3 StateRepository;@%SystemRoot%\system32\windows.staterepository.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 DeskTop_E;DeskTop DispalyName; C:\ProgramData\desktopfindkey\desktop179.exe [2016-07-27 243936]
S2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 ed2kidle;ed2k idle service; C:\Program Files (x86)\amuleC\ed2k.exe [2016-10-08 237568]
S2 gupdate;Google Update-service (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-15 153752]
S2 HpSvc;Hardware Protection Service; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S2 KuaizipUpdateChecker;KuaizipUpdateChecker; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_159ee3;Host synchroniseren_159ee3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_17ef2e;Host synchroniseren_17ef2e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_1d9c3e;Host synchroniseren_1d9c3e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_24536e3c;Host synchroniseren_24536e3c; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_27c838;Host synchroniseren_27c838; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_334d6;Host synchroniseren_334d6; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4c289;Host synchroniseren_4c289; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4cd12;Host synchroniseren_4cd12; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_4d15d;Host synchroniseren_4d15d; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_5f896;Host synchroniseren_5f896; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_62abec6;Host synchroniseren_62abec6; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_8a2e89bc;Host synchroniseren_8a2e89bc; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_a40c7fa5;Host synchroniseren_a40c7fa5; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_beb0a;Host synchroniseren_beb0a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_ca36125a;Host synchroniseren_ca36125a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_d94032da;Host synchroniseren_d94032da; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 OneSyncSvc_fb8d6a7;Host synchroniseren_fb8d6a7; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-07-25 324224]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-10-12 270016]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 BEService;BattlEye Service; C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2016-08-01 1404936]
S3 BthHFSrv;@%SystemRoot%\System32\BthHFSrv.dll,-103; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DcpSvc;@%SystemRoot%\system32\dcpsvc.dll,-3001; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-10-30 31744]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-200; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2015-10-23 43696]
S3 gupdatem;Google Update-service (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2016-10-15 153752]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_159ee3;MessagingService_159ee3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_17ef2e;MessagingService_17ef2e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1a8f293f;MessagingService_1a8f293f; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_1d9c3e;MessagingService_1d9c3e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_24536e3c;MessagingService_24536e3c; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_27c838;MessagingService_27c838; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_334d6;MessagingService_334d6; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4c289;MessagingService_4c289; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4cd12;MessagingService_4cd12; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_4d15d;MessagingService_4d15d; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_5f896;MessagingService_5f896; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_62abec6;MessagingService_62abec6; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_8a2e89bc;MessagingService_8a2e89bc; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_a40c7fa5;MessagingService_a40c7fa5; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_beb0a;MessagingService_beb0a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_ca36125a;MessagingService_ca36125a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_d94032da;MessagingService_d94032da; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MessagingService_fb8d6a7;MessagingService_fb8d6a7; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe [2016-09-28 172488]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_159ee3;Contact Data_159ee3; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_17ef2e;Contact Data_17ef2e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_1d9c3e;Contact Data_1d9c3e; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_24536e3c;Contact Data_24536e3c; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_27c838;Contact Data_27c838; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_334d6;Contact Data_334d6; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4c289;Contact Data_4c289; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4cd12;Contact Data_4cd12; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_4d15d;Contact Data_4d15d; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_5f896;Contact Data_5f896; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_62abec6;Contact Data_62abec6; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_8a2e89bc;Contact Data_8a2e89bc; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_a40c7fa5;Contact Data_a40c7fa5; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_beb0a;Contact Data_beb0a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_ca36125a;Contact Data_ca36125a; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_d94032da;Contact Data_d94032da; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 PimIndexMaintenanceSvc_fb8d6a7;Contact Data_fb8d6a7; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\Windows\System32\svchost.exe [2015-10-30 43944]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\Windows\System32\SensorDataService.exe [2016-09-07 1297408]
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S3 Steam Client Service;Steam Client Service; C:\Program Files (x86)\Common Files\Steam\SteamService.exe [2016-07-23 837312]
S4 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\Windows\system32\svchost.exe [2015-10-30 43944]
S4 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.11.376\McCHSvc.exe [2016-07-19 327944]
S4 NvContainerLocalSystem;NVIDIA LocalSystem Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 455616]
S4 NvContainerNetworkService;NVIDIA NetworkService Container; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-09-30 455616]
S4 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-09-30 1163712]
S4 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2016-08-11 1365048]

-----------------EOF-----------------