Czepa

sorry, ive been experiencing domestic abuse. why the question about crypto app? i use a browser addon wallet, but dont use it much. crypto is gambling and a pyramid/ponzi scheme destined to fail, or succeed at devaluing all stores of value (great - reset). if i block cs9.wac.phicdn.net or all phicdn.net in my router will this cause problems? CLEANMGR.exe doesnt open, is there a way to navigate to it through menus?

sorry for the late reply, ive been busy with work. and other issues SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21] WebSite: www.safezone.cc DateLog: 02.06.2022 14:29:38 Path starting: C:\Users\Ross\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Ross VersionXML: 9.81is-29.05.2022 ___________________________________________________________________________ Windows 10(6.3.19044) (x64) Professional Release: 2009 Lang: English(0409) Installation date OS: 27.02.2021 05:28:58 LicenseStatus: Windows(R), Professional edition Volume activation will expire : 229254 minutes Boot Mode: Normal Default Browser: C:\Program Files\Waterfox\waterfox.exe SystemDrive: C: FS: [NTFS] Capacity: [465.2 Gb] Used: [385.8 Gb] Free: [79.4 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.789.19041.0 User Account Control enabled (Level 2) Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ---------------------------- [ Antivirus_WMI ] ---------------------------- Windows Defender (enabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Windows Defender Firewall (mpssvc) - The service is running ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Malwarebytes version 4.5.9.198 v.4.5.9.198 GlassWire 2.3 (remove only) v.2.3.397 -------------------------- [ SecurityUtilities ] -------------------------- RogueKiller version 15.5.1.0 v.15.5.1.0 GlassWire 2.3 (remove only) v.2.3.397 --------------------------- [ OtherUtilities ] ---------------------------- GPL Ghostscript v.9.53.3 Warning! Download Update Uninstall old version and install new one. Steam v.2.10.91.91 OpenOffice 4.1.11 v.4.111.9808 Warning! Download Update ------------------------------ [ ArchAndFM ] ------------------------------ WinRAR 6.00 (64-bit) v.6.00.0 Warning! Download Update -------------------------- [ IMAndCollaborate ] --------------------------- Discord v.0.0.309 Warning! Download Update --------------------------------- [ P2P ] --------------------------------- qBittorrent 4.3.3 v.4.3.3 Warning! Download Update -------------------------------- [ Media ] -------------------------------- VLC media player v.3.0.12 Warning! Download Update ------------------------------- [ Browser ] ------------------------------- Mozilla Firefox 86.0 (x64 en-US) v.86.0 Warning! Download Update Waterfox (x64 en-US) v.G4.1.2.1 Microsoft Edge v.88.0.705.81 Warning! Download Update ----------------------------- [ EmailClient ] ----------------------------- Mozilla Thunderbird (x86 en-US) v.91.9.1 ------------------ [ AntivirusFirewallProcessServices ] ------------------- C:\Program Files (x86)\GlassWire\GlassWire.exe v.2.3.397.0 C:\Program Files (x86)\GlassWire\GWIdlMon.exe v.2.3.397.0 GlassWire Control Service (GlassWire) - The service is running C:\Program Files (x86)\GlassWire\GWCtlSrv.exe v.2.3.397.0 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1302 Malwarebytes Service (MBAMService) - The service is running C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1058 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe v.4.18.2203.5 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe v.4.18.2203.5 Microsoft Defender Antivirus Service (WinDefend) - The service is running Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running ---------------------------- [ UnwantedApps ] ----------------------------- CCleaner v.6.00 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program. ----------------------------- [ End of Log ] ------------------------------ OOPS, HERE IT IS RAN AS ADMINISTRATOR: SecurityCheck by glax24 & Severnyj v.1.4.0.54 [06.12.21] WebSite: www.safezone.cc DateLog: 03.06.2022 01:59:30 Path starting: C:\Users\Ross\AppData\Local\Temp\SecurityCheck\SecurityCheck.exe Log directory: C:\SecurityCheck\ IsAdmin: True User: Ross VersionXML: 9.81is-29.05.2022 ___________________________________________________________________________ Windows 10(6.3.19044) (x64) Professional Release: 2009 Lang: English(0409) Installation date OS: 27.02.2021 05:28:58 LicenseStatus: Windows(R), Professional edition Volume activation will expire : 228564 minutes Boot Mode: Normal Default Browser: C:\Program Files\Waterfox\waterfox.exe SystemDrive: C: FS: [NTFS] Capacity: [465.2 Gb] Used: [386.3 Gb] Free: [78.9 Gb] ------------------------------- [ Windows ] ------------------------------- Internet Explorer 11.789.19041.0 User Account Control enabled (Level 2) Security Center (wscsvc) - The service is running Remote Registry (RemoteRegistry) - The service has stopped SSDP Discovery (SSDPSRV) - The service is running Remote Desktop Services (TermService) - The service has stopped Windows Remote Management (WS-Management) (WinRM) - The service has stopped ---------------------------- [ Antivirus_WMI ] ---------------------------- Windows Defender (enabled and up to date) --------------------------- [ FirewallWindows ] --------------------------- Windows Defender Firewall (mpssvc) - The service is running ---------------------- [ AntiVirusFirewallInstall ] ----------------------- Malwarebytes version 4.5.9.198 v.4.5.9.198 GlassWire 2.3 (remove only) v.2.3.397 -------------------------- [ SecurityUtilities ] -------------------------- RogueKiller version 15.5.1.0 v.15.5.1.0 GlassWire 2.3 (remove only) v.2.3.397 --------------------------- [ OtherUtilities ] ---------------------------- GPL Ghostscript v.9.53.3 Warning! Download Update Uninstall old version and install new one. Steam v.2.10.91.91 OpenOffice 4.1.11 v.4.111.9808 Warning! Download Update ------------------------------ [ ArchAndFM ] ------------------------------ WinRAR 6.00 (64-bit) v.6.00.0 Warning! Download Update -------------------------- [ IMAndCollaborate ] --------------------------- Discord v.0.0.309 Warning! Download Update --------------------------------- [ P2P ] --------------------------------- qBittorrent 4.3.3 v.4.3.3 Warning! Download Update -------------------------------- [ Media ] -------------------------------- VLC media player v.3.0.12 Warning! Download Update ------------------------------- [ Browser ] ------------------------------- Mozilla Firefox 86.0 (x64 en-US) v.86.0 Warning! Download Update Waterfox (x64 en-US) v.G4.1.2.1 Microsoft Edge v.88.0.705.81 Warning! Download Update ----------------------------- [ EmailClient ] ----------------------------- Mozilla Thunderbird (x86 en-US) v.91.9.1 ------------------ [ AntivirusFirewallProcessServices ] ------------------- C:\Program Files (x86)\GlassWire\GlassWire.exe v.2.3.397.0 C:\Program Files (x86)\GlassWire\GWIdlMon.exe v.2.3.397.0 GlassWire Control Service (GlassWire) - The service is running C:\Program Files (x86)\GlassWire\GWCtlSrv.exe v.2.3.397.0 C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe v.4.0.0.1302 Malwarebytes Service (MBAMService) - The service is running C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe v.3.2.0.1058 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe v.4.18.2203.5 C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe v.4.18.2203.5 Microsoft Defender Antivirus Service (WinDefend) - The service is running Microsoft Defender Antivirus Network Inspection Service (WdNisSvc) - The service is running ---------------------------- [ UnwantedApps ] ----------------------------- CCleaner v.6.00 Warning! Suspected demo version of anti-spyware, driver updater or optimizer. If this program is not familiar to you it is recommended to uninstall it and execute PC scanning using Malwarebytes Anti-Malware. Possible you became a victim of fraud or social engineering. Computer experts no longer recommend this program. ----------------------------- [ End of Log ] ------------------------------

yeah its the latest

Thanks for the clarification ill run it tomorrow after work. goodnight, and cheers for all your help so far Malwarebytes www.malwarebytes.com -Log Details- Scan Date: 5/31/22 Scan Time: 10:34 PM Log File: caf1c6fa-e0ee-11ec-87fc-b42e99ecce76.json -Software Information- Version: 4.5.9.198 Components Version: 1.0.1689 Update Package Version: 1.0.55626 License: Free -System Information- OS: Windows 10 (Build 19044.1706) CPU: x64 File System: NTFS User: Miranda\Ross -Scan Summary- Scan Type: Threat Scan Scan Initiated By: Manual Result: Completed Objects Scanned: 296531 Threats Detected: 0 Threats Quarantined: 0 Time Elapsed: 2 min, 26 sec -Scan Options- Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Enabled Heuristics: Enabled PUP: Detect PUM: Detect -Scan Details- Process: 0 (No malicious items detected) Module: 0 (No malicious items detected) Registry Key: 0 (No malicious items detected) Registry Value: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Data Stream: 0 (No malicious items detected) Folder: 0 (No malicious items detected) File: 0 (No malicious items detected) Physical Sector: 0 (No malicious items detected) WMI: 0 (No malicious items detected) (end)

the reason i ask is because i talked with a developer friend and he said to be cautious of forks like this and mentioned that alot of github malware posting profiles have had provocative political statements. and although i agree with the statement it says on his the page linked: "Hi, I am Stanislav Polshyn - a lawyer, security observer and malware researcher from Ukraine (Chernobyl, Na'Vi, Щедрик, Colony of USA). Yankee go home!" ive downloaded it, but ill wait till later to run it.

mbst-grab-results.zip

im not posting any information that could allow someone to hack me am i? lets say they already have my IP

<Report> <Metadata Version="1" PCID="{BEF1DF85-CBE6-5C63-33F1-4F3CB0F0A9CC}" LastModification="2022.05.31 01:16:47.059" /> <EventBlocks> <Block0 Type="Scan" Processed="2854011" Found="0" Neutralized="0"> <Event0 Action="Scan" Time="132983998051681871" Object="" Info="Started" /> <Event1 Action="Scan" Time="132984046070572687" Object="" Info="Finished" /> </Block0> </EventBlocks> </Report> report_2022.05.30_23.56.03.txt

version 2 1H2 build 19044.1706 but cause the file is missing too, does this mean that its a file that has been placed there potentially by someone who has gained access to my system? like this: "Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)" do you see the capitalization differences in the file name? maybe i can check the publisher somehow? the one actually present in the file system has the capitalizations. i checked alot of the things listed as file missing and i would like it if they actually were deleted altogether, so long as it doesnt destroy functionality. i do not like windows phoning home all the time just on principle, its like android phones and their base band modem

it picked up nothing. 4 processing errors on some discord files, probably because they are in use.

i cannot screenshot it..... where is the log file placed?

but what does 'unknown owner' actually mean? does it mean that file is there but the ID is not what is expected? ok, doing the scan before bed, next reply after that may take a while.

@Maurice Naggar before i do that, can you please let me know if the github HijackThis mentioned above is legit and not potentially dangerous? i originally came here for simple clarification about what 'unknown owner' means, specifically if this means that a file of the same/similar name exists (being spoofed by malware).

no infections found. the log doesnt really say much about anything

here it is. is it possible this could have restored some of the microsoft telemetry and remote access services? i may run sophia after this whole process to make sure. msert.log

29/05/2022 23:46:13 PM Files scanned: 965702 Detected files: 6 Cleaned files: 6 Total scan time 01:36:34 Scan status: Finished i will not post the rest of the log, they were all PUPs just things i had downloaded years ago in my storage drive, games and applications. i will not post potentially incriminating information. none of the pups were currently installed applications

2 things i was wondering about: 'unknown object' is that a file that exists? like a spoof file placed there by sophia script (a powershell script that cleans everything and i accidentally deleted windows calculator :( oops) should i disable powershell? second - if i select the nvidia services and hit fix will this reinstall them properly or potentially break them? im pretty eager to select some of them like the realtek audio which i dont need the winsock basic repair deleted my temp gauges, but i can get them back. thankyou once again

basic repair gave me a blue screen of death because i opened the browser to post the log i think. i scanned again when it restarted, basic repair worked but there was 1 less item scanned 32,047 vs 32,048

hi sorry for the late reply, i ran it first with browser open accidentally, then closed the browser and ran it again, both as admin: # ------------------------------- # Malwarebytes AdwCleaner 8.3.2.0 # ------------------------------- # Build: 03-23-2022 # Database: 2022-03-15.3 (Local) # Support: https://www.malwarebytes.com/support # # ------------------------------- # Mode: Scan # ------------------------------- # Start: 05-29-2022 # Duration: 00:00:03 # OS: Windows 10 Pro # Scanned: 32048 # Detected: 0 ***** [ Services ] ***** No malicious services found. ***** [ Folders ] ***** No malicious folders found. ***** [ Files ] ***** No malicious files found. ***** [ DLL ] ***** No malicious DLLs found. ***** [ WMI ] ***** No malicious WMI found. ***** [ Shortcuts ] ***** No malicious shortcuts found. ***** [ Tasks ] ***** No malicious tasks found. ***** [ Registry ] ***** No malicious registry entries found. ***** [ Chromium (and derivatives) ] ***** No malicious Chromium entries found. ***** [ Chromium URLs ] ***** No malicious Chromium URLs found. ***** [ Firefox (and derivatives) ] ***** No malicious Firefox entries found. ***** [ Firefox URLs ] ***** No malicious Firefox URLs found. ***** [ Hosts File Entries ] ***** No malicious hosts file entries found. ***** [ Preinstalled Software ] ***** No Preinstalled Software found. AdwCleaner[S00].txt - [1405 octets] - [08/06/2021 05:28:02] AdwCleaner[C00].txt - [1595 octets] - [12/06/2021 18:42:38] AdwCleaner[S01].txt - [1527 octets] - [29/05/2022 12:30:23] ########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S02].txt ########## i ran basic repair afterwards

Hi, i think i may have some browser exploit or graphics card exploit. i have a few browser mods (waterfox userchrome.js), a taskbar mod, and sophia script to un-spyware windows itself. wheni scroll over something the popup text box stays until i scroll over the taskbar, in the past it would screw with windows focus and programs on the taskbar wewre unclickable until i right clicked it. sometimes id get a box that says search just sit in the middle of the screen for a long time over all apps. i will update all these mods and see if that does anything, but here is a log, i need to know if my computer is being remotely acessed or resources being used in any way. thanks!: Logfile of Trend Micro HijackThis v2.0.5 Scan saved at 12:23:20 PM, on 28/05/2022 Platform: Unknown Windows (WinNT 6.02.1008) MSIE: Internet Explorer v11.0 (11.00.19041.1566) Boot mode: Normal Running processes: C:\Program Files (x86)\GlassWire\GWIdlMon.exe C:\Program Files (x86)\GlassWire\GlassWire.exe C:\Program Files (x86)\Steam\Steam.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe C:\Users\Ross\AppData\Local\Discord\app-1.0.9004\Discord.exe C:\Users\Ross\AppData\Local\Discord\app-1.0.9004\Discord.exe C:\Users\Ross\AppData\Local\Discord\app-1.0.9004\Discord.exe C:\Users\Ross\AppData\Local\Discord\app-1.0.9004\Discord.exe C:\Users\Ross\AppData\Local\Discord\app-1.0.9004\Discord.exe C:\Users\Ross\AppData\Local\Discord\app-1.0.9004\Discord.exe C:\Program Files (x86)\OpenOffice 4\program\swriter.exe C:\Program Files (x86)\OpenOffice 4\program\soffice.exe C:\Program Files (x86)\OpenOffice 4\program\soffice.bin C:\Program Files (x86)\Battle.net\Battle.net.exe C:\ProgramData\Battle.net\Agent\Agent.7779\Agent.exe C:\Program Files (x86)\Battle.net\Battle.net.exe C:\Program Files (x86)\Battle.net\Battle.net.exe C:\Program Files (x86)\Battle.net\Battle.net.exe G:\Downloads\HijackThis(2).exe R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896 R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896 R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141 R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant = R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch = R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = F2 - REG:system.ini: UserInit=C:\Windows\system32\userinit.exe O2 - BHO: (no name) - AutorunsDisabled - (no file) O4 - HKLM\..\Run: [UAC-2 MixEfx Startup] "C:\Program Files (x86)\ZOOM\UAC-2 MixEfx\UAC-2 MixEfx Startup.exe" O4 - HKCU\..\Run: [7 Taskbar Tweaker] "C:\Users\Ross\AppData\Local\Programs\7+ Taskbar Tweaker\7+ Taskbar Tweaker.exe" -hidewnd O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR O4 - HKCU\..\Run: [GlassWire] "C:\Program Files (x86)\GlassWire\glasswire.exe" -hide O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE') O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE') O4 - Global Startup: SteelSeries Engine 3.lnk = C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesEngine3.exe O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing) O23 - Service: BattlEye Service (BEService) - Unknown owner - C:\Program Files (x86)\Common Files\BattlEye\BEService.exe O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: CredentialEnrollmentManagerUserSvc_2239cc - Unknown owner - C:\Windows\system32\CredentialEnrollmentManager.exe (file missing) O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\Windows\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing) O23 - Service: EasyAntiCheat - EasyAntiCheat Ltd - C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe O23 - Service: Easy Anti-Cheat (Epic Online Services) (EasyAntiCheat_EOS) - Epic Games, Inc. - C:\Program Files (x86)\EasyAntiCheat_EOS\EasyAntiCheat_EOS.exe O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing) O23 - Service: GlassWire Control Service (GlassWire) - SecureMix LLC - C:\Program Files (x86)\GlassWire\GWCtlSrv.exe O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: Lokinet for Windows (lokinet) - Loki Foundation - C:\Program Files\Lokinet\bin\lokinet.exe O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing) O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: NVIDIA Display Container LS (NVDisplay.ContainerLocalSystem) - NVIDIA Corporation - C:\Windows\System32\DriverStore\FileRepository\nv_dispsig.inf_amd64_145fe9c72c40de0a\Display.NvContainer\NVDisplay.Container.exe O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\Windows\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing) O23 - Service: RogueKiller RTP (rkrtservice) - Unknown owner - C:\Program Files\RogueKiller\RogueKillerSvc.exe O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_9971779a1c712866\RtkAudUService64.exe O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\Windows\system32\SecurityHealthService.exe (file missing) O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing) O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\Windows\System32\SensorDataService.exe (file missing) O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\Windows\system32\SgrmBroker.exe (file missing) O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing) O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\Windows\system32\spectrum.exe (file missing) O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing) O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing) O23 - Service: Stardock Start10 (Start10) - Stardock Software, Inc - C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\steamservice.exe O23 - Service: SteelSeries Update Service (SteelSeriesUpdateService) - Unknown owner - C:\Program Files\SteelSeries\SteelSeries Engine 3\SteelSeriesUpdateService.exe O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\Windows\system32\TieringEngineService.exe (file missing) O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing) O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing) O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing) O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing) O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing) O23 - Service: zmuac2service - ZOOM - C:\Program Files\ZOOM\UAC-2 Driver\zmuac2service.exe -- End of file - 9288 bytes my intention is to disable absolutely everything i can so long as it doesnt screw with normal operation. i dont need any RCP stuff although i know windows uses them for local tasks now.... (this has to be a security risk) if you give instrucions please dont hesistate to be detailed and go through multiple steps i know my way around windows very well.