Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Really slow laptop

Started by BobScott49 , Dec 23 2019 02:14 PM

Page 3 of 8
1
2
3
4
5

Please log in to reply

#31
BobScott49

Posted 31 December 2019 - 05:30 AM

Member

Topic Starter
Member
66 posts

So this is the WmiPrvSE.exe log. But I'm sorry I must be being a bit thick here but I didn't understand what you mean by click on the option that is not currently checked

Process   CPU   Private Bytes   Working Set   PID   Description   Company Name   Verified Signer
WmiPrvSE.exe   39.70   8,720 K   16,600 K   5960   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
System Idle Process   35.01   60 K   8 K   0
procexp64.exe   13.88   38,116 K   69,256 K   10468   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
express.exe   1.86   45,864 K   46,972 K   5356   Garmin Express   Garmin Ltd. or its subsidiaries   (Verified) Garmin International, Inc.
GWW.exe   1.24   48,340 K   36,184 K   7900   e-Safe Compliance Client Application   Guardware Ltd.   (Verified) Guardware Ltd.
svchost.exe   1.12   12,276 K   21,120 K   3956   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
Interrupts   0.98   0 K   0 K   n/a   Hardware Interrupts and DPCs
System   0.85   204 K   1,904 K   4
lsass.exe   0.73   9,152 K   19,864 K   864   Local Security Authority Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
Dropbox.exe   0.54   188,476 K   102,780 K   10708   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
firefox.exe   0.50   132,192 K   165,932 K   2068   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
dwm.exe   0.48   104,908 K   95,148 K   1056   Desktop Window Manager   Microsoft Corporation   (Verified) Microsoft Windows
firefox.exe   0.46   225,704 K   259,160 K   10500   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
GWClient.exe   0.36   6,072 K   16,632 K   3872   e-Safe Compliance Client Service   Guardware Ltd   (Verified) Guardware Ltd.
firefox.exe   0.30   151,212 K   140,660 K   14188   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
servicehost.exe   0.25   9,216 K   13,032 K   9176   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
csrss.exe   0.25   4,440 K   6,468 K   800   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
amddvr.exe   0.23   171,628 K   9,680 K   6176   AMD ReLive: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
firefox.exe   0.17   168,572 K   206,724 K   5036   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
svchost.exe   0.15   39,092 K   43,760 K   2600   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
MfeAVSvc.exe   0.13   29,728 K   31,708 K   9300   McAfee Cloud AV   McAfee, LLC.   (Verified) McAfee, LLC.
EOS Utility.exe   0.10   26,604 K   17,064 K   4960   EOS Utility   Canon INC.   (Verified) Canon Inc.
explorer.exe   0.10   57,460 K   90,780 K   6080   Windows Explorer   Microsoft Corporation   (Verified) Microsoft Windows
EOSUPNPSV.exe   0.10   3,616 K   9,692 K   7028   Canon EOS UPNP Detector   CANON INC.   (Verified) Canon Inc.
MMSSHOST.exe   0.08   27,816 K   39,600 K   4180   McAfee Management Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
firefox.exe   0.07   114,392 K   76,240 K   10364   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe   0.05   63,860 K   100,888 K   11172   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
uihost.exe   0.05   4,852 K   2,096 K   1336   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
mcapexe.exe   0.04   3,416 K   3,032 K   1836   McAfee Access Protection   McAfee, LLC   (Verified) McAfee, LLC.
AGMService.exe   0.03   2,312 K   8,904 K   3688   Adobe Genuine Software Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.
svchost.exe   0.03   13,324 K   28,424 K   552   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.03   14,252 K   14,420 K   1308   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ModuleCoreService.exe   0.02   31,160 K   27,692 K   4012   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
psi_tray.exe   0.02   1,360 K   6,452 K   8012   Secunia PSI Tray   Secunia   (Verified) Secunia
atieclxx.exe   0.02   2,516 K   9,936 K   2580   AMD External Events Client Module   AMD   (Verified) Advanced Micro Devices, Inc.
svchost.exe   0.02   2,312 K   7,056 K   8564   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.01   8,524 K   15,484 K   568   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
QtWebEngineProcess.exe   0.01   31,240 K   31,020 K   12276   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
QtWebEngineProcess.exe   0.01   44,472 K   25,320 K   10536   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
SynTPEnh.exe   0.01   7,924 K   14,736 K   6848   Synaptics TouchPad 64-bit Enhancements   Synaptics Incorporated   (Verified) Synaptics Incorporated
SearchIndexer.exe   < 0.01   26,860 K   31,068 K   7992   Microsoft Windows Search Indexer   Microsoft Corporation   (Verified) Microsoft Windows
csrss.exe   < 0.01   1,740 K   3,400 K   680   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
spoolsv.exe   < 0.01   7,860 K   16,152 K   3296   Spooler SubSystem App   Microsoft Corporation   (Verified) Microsoft Windows
McCSPServiceHost.exe   < 0.01   7,432 K   16,200 K   7856   McAfee CSP Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
RAVBg64.exe   < 0.01   6,348 K   14,464 K   8448   HD Audio Background Process   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
Memory Compression   < 0.01   736 K   77,800 K   2668
svchost.exe   < 0.01   3,512 K   10,560 K   5028   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
firefox.exe   < 0.01   94,936 K   87,552 K   4692   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
YourPhone.exe   Suspended   16,152 K   29,784 K   8952           (No signature was present in the subject)
WmiPrvSE.exe       3,436 K   9,684 K   10748   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
wlanext.exe       2,008 K   6,636 K   3304   Windows Wireless LAN 802.11 Extensibility Framework   Microsoft Corporation   (Verified) Microsoft Windows
winlogon.exe       2,960 K   6,768 K   908   Windows Log-on Application   Microsoft Corporation   (Verified) Microsoft Windows
wininit.exe       1,428 K   3,784 K   784   Windows Start-Up Application   Microsoft Corporation   (Verified) Microsoft Windows Publisher
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe       15,344 K   29,576 K   13776   WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe   Microsoft Corporation   (Verified) Microsoft Windows
vidnotifier.exe       5,328 K   19,008 K   3868   Video Notifier   Digital Wave Ltd   (Verified) Digital Wave Ltd
unsecapp.exe       1,348 K   6,428 K   7000   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
unsecapp.exe       1,440 K   6,628 K   5924   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
taskhostw.exe       5,932 K   14,384 K   5152   Host Process for Windows Tasks   Microsoft Corporation   (Verified) Microsoft Windows
SynTPHelper.exe       2,196 K   5,660 K   7260   Synaptics Pointing Device Helper   Synaptics Incorporated   (Verified) Synaptics Incorporated
SynTPEnhService.exe       3,404 K   8,804 K   2196   64-bit Synaptics Pointing Enhance Service   Synaptics Incorporated   (Verified) Synaptics Incorporated
svchost.exe       3,360 K   7,888 K   2236   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,332 K   17,204 K   7240   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,112 K   15,144 K   11908   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,876 K   13,788 K   3200   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       8,500 K   27,460 K   8440   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,020 K   7,032 K   3388   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,384 K   13,116 K   3784   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,288 K   7,008 K   1808   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,148 K   14,132 K   1920   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,808 K   12,856 K   2916   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,620 K   7,728 K   976   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,088 K   9,896 K   12264   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,544 K   5,548 K   1276   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,448 K   27,808 K   5952   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,828 K   9,068 K   1292   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       30,728 K   37,344 K   3848   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,812 K   11,964 K   2076   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,328 K   5,576 K   2620   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,828 K   9,484 K   7324   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,180 K   7,264 K   2592   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,764 K   9,816 K   7132   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,156 K   7,516 K   2276   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       10,324 K   29,252 K   11644   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,076 K   8,112 K   2712   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,168 K   8,796 K   2460   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,924 K   15,720 K   3136   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,496 K   10,128 K   1252   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,784 K   20,400 K   4396   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,052 K   23,004 K   5836   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,736 K   12,428 K   2228   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,840 K   6,060 K   2112   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,496 K   8,676 K   2096   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,052 K   5,988 K   4616   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,112 K   11,556 K   1360   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,008 K   12,616 K   2336   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       8,992 K   15,572 K   3376   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,632 K   14,824 K   1260   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,704 K   9,372 K   1892   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,944 K   14,292 K   7292   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,912 K   8,212 K   3124   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,868 K   12,124 K   2036   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,312 K   7,520 K   1612   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,324 K   7,748 K   4032   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,504 K   5,788 K   10876   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,796 K   11,136 K   1472   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,584 K   15,248 K   6224   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,736 K   8,276 K   1352   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,812 K   11,060 K   10704   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,764 K   6,444 K   13064   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,940 K   8,904 K   6076   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,916 K   12,704 K   4472   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,328 K   4,972 K   4524   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,024 K   7,604 K   2736   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,728 K   6,616 K   3592   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,684 K   7,056 K   3580   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,720 K   7,488 K   5844   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,528 K   10,964 K   6832   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,956 K   7,364 K   4288   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,720 K   6,696 K   4340   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,436 K   6,180 K   1960   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,192 K   8,224 K   12196   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,164 K   9,696 K   15096   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,912 K   6,948 K   1300   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,180 K   8,768 K   3740   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,952 K   11,004 K   1284   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,036 K   7,760 K   1788   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,796 K   7,280 K   6692   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,120 K   7,572 K   1588   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,456 K   6,480 K   1776   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,640 K   5,740 K   4100   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,300 K   5,192 K   4304   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       960 K   2,176 K   64   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe       37,616 K   71,356 K   6748           (Verified) Microsoft Windows
splwow64.exe       9,000 K   26,204 K   2760   Print driver host for applications   Microsoft Corporation   (Verified) Microsoft Windows
smss.exe       1,156 K   652 K   408   Windows Session Manager   Microsoft Corporation   (Verified) Microsoft Windows Publisher
smartscreen.exe       7,772 K   21,976 K   12936   Windows Defender SmartScreen   Microsoft Corporation   (Verified) Microsoft Windows
sihost.exe       7,000 K   26,532 K   5800   Shell Infrastructure Host   Microsoft Corporation   (Verified) Microsoft Windows
ShellExperienceHost.exe   Suspended   14,284 K   45,904 K   14664   Windows Shell Experience Host   Microsoft Corporation   (Verified) Microsoft Windows
SgrmBroker.exe       2,828 K   5,848 K   12596   System Guard Runtime Monitor Broker Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SettingSyncHost.exe       2,536 K   4,500 K   312   Host Process for Setting Synchronization   Microsoft Corporation   (Verified) Microsoft Windows
services.exe       5,532 K   8,688 K   848   Services and Controller app   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SecurityHealthService.exe       2,800 K   11,176 K   12912   Windows Security Health Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SearchUI.exe   Suspended   79,624 K   79,864 K   8016   Search and Cortana application   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       8,712 K   23,380 K   5124   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       6,320 K   25,072 K   7536   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       5,044 K   27,404 K   13060   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       1,876 K   7,844 K   11604   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       4,044 K   18,072 K   7412   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       5,416 K   18,512 K   14764   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
rundll32.exe       1,908 K   9,604 K   7600   Windows host process (Rundll32)   Microsoft Corporation   (Verified) Microsoft Windows
RtlS5Wake.exe       4,288 K   11,936 K   10620   Realtek WOWL Utility   Realtek   (Verified) Realtek Semiconductor Corp.
RtkNGUI64.exe       4,680 K   13,968 K   8896   Realtek HD Audio Manager   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
RtkBtManServ.exe       1,724 K   7,152 K   4148   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkAudioService64.exe       1,832 K   7,880 K   3020   Realtek Audio Service   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
RemindersServer.exe   Suspended   7,904 K   16,316 K   8600   Reminders WinRT OOP Server   Microsoft Corporation   (Verified) Microsoft Windows
Registry       8,508 K   32,088 K   88
RadeonSettings.exe       161,576 K   7,252 K   6152   Radeon Settings: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
QtWebEngineProcess.exe       41,216 K   17,716 K   12360   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
ProtectedModuleHost.exe       4,228 K   13,532 K   5288   McAfee Protected Module Host   McAfee, LLC.   (Verified) McAfee, LLC.
procexp.exe       5,436 K   11,020 K   6876   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
PEFService.exe       1,648 K   1,440 K   3432   McAfee PEF Service   McAfee, Inc.   (Verified) McAfee, LLC.
OfficeClickToRun.exe       28,084 K   36,120 K   3764   Microsoft Office Click-to-Run (SxS)   Microsoft Corporation   (Verified) Microsoft Corporation
nlssrv32.exe       2,084 K   7,084 K   4044   This service enables products that use the Nalpeiron Licensing System    Nalpeiron Ltd.   (Certificate expired) Nalpeiron Ltd.
ModuleCoreService.exe       9,772 K   13,032 K   9152   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
mfevtps.exe       6,304 K   11,016 K   5000   McAfee Process Validation Service   McAfee, LLC   (Verified) McAfee, Inc.
mfemms.exe       3,148 K   8,316 K   4024   McAfee Management Service   McAfee, LLC   (Verified) McAfee, Inc.
mfefire.exe       3,660 K   10,256 K   5880   McAfee Core Firewall Service   McAfee, LLC   (Verified) McAfee, Inc.
mDNSResponder.exe       1,960 K   6,312 K   3696   Bonjour Service   Apple Inc.   (Verified) Apple Inc.
McUICnt.exe       10,392 K   14,316 K   12552   McAfee   McAfee, LLC.   (Verified) McAfee, LLC.
McSmtFwk.exe       3,068 K   10,888 K   5012   McAfee Trusted Advisor Framework Exe   McAfee, LLC.   (Verified) McAfee, LLC.
mcshield.exe       42,144 K   21,172 K   9768   McAfee Scanner service   McAfee LLC.   (Verified) McAfee, Inc.
ijplmsvc.exe       6,916 K   10,912 K   3936   Inkjet Printer/Scanner/Fax Extended Survey Program Service       (Verified) Canon Inc.
HxTsr.exe   Suspended   14,012 K   25,496 K   12244   Microsoft Outlook Communications   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
HxOutlook.exe   Suspended   119,636 K   119,076 K   5404   Microsoft Outlook   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
HPWMISVC.exe       1,324 K   6,308 K   1408   HP WMI Service   HP Inc.   (Verified) HP Inc.
HPMSGSVC.exe       1,540 K   8,072 K   10656   HP Message Service   HP Inc.   (Verified) HP Inc.
fontdrvhost.exe       5,296 K   8,772 K   264   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
fontdrvhost.exe       1,620 K   2,532 K   304   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
firefox.exe       49,152 K   62,000 K   11112   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe       41,108 K   82,132 K   4532   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
DropboxUpdate.exe       2,056 K   3,936 K   7664   Dropbox Update   Dropbox, Inc.   (Verified) Dropbox, Inc
Dropbox.exe       2,472 K   10,332 K   11028   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
Dropbox.exe       1,952 K   7,440 K   10988   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
dllhost.exe       1,692 K   7,768 K   2652   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
dllhost.exe       1,376 K   6,452 K   2556   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
dllhost.exe       3,792 K   9,988 K   6700   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
dllhost.exe       3,336 K   11,296 K   612   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
DbxSvc.exe       2,536 K   5,356 K   3804   Dropbox Service   Dropbox, Inc.   (Verified) Dropbox, Inc
ctfmon.exe       5,256 K   14,340 K   6792   CTF Loader   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,500 K   5,892 K   9656   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,504 K   5,888 K   9184   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,444 K   5,588 K   3316   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
CompPkgSrv.exe       1,708 K   8,104 K   11152   Component Package Support Server   Microsoft Corporation   (Verified) Microsoft Windows
CastSrv.exe       3,664 K   9,572 K   8332   Casting protocol connection listener   Microsoft Corporation   (Verified) Microsoft Windows
BTDevMgr.exe       2,052 K   7,220 K   3712   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
audiodg.exe       10,100 K   19,220 K   2504   Windows Audio Device Graph Isolation    Microsoft Corporation   (Verified) Microsoft Windows
atiesrxx.exe       1,460 K   5,460 K   2252   AMD External Events Service Module   AMD   (Verified) Advanced Micro Devices, Inc.
armsvc.exe       1,392 K   6,180 K   3668   Adobe Acrobat Update Service   Adobe Systems   (Verified) Adobe Inc.
ApplicationFrameHost.exe       9,080 K   29,824 K   11992   Application Frame Host   Microsoft Corporation   (Verified) Microsoft Windows
app_updater.exe       6,696 K   9,612 K   3816   Digital Wave Update Service   Digital Wave Ltd   (Verified) Digital Wave Ltd
amdow.exe       2,108 K   6,912 K   9652   AMD ReLive: Desktop Overlay   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
AGSService.exe       1,920 K   9,068 K   3676   Adobe Genuine Software Integrity Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.

Process: WmiPrvSE.exe Pid: 5960

Type   Name
ALPC Port   \RPC Control\OLEFA9E4127575E353BC4D9419B1010
Desktop   \Default
Directory   \KnownDlls
Directory   \BaseNamedObjects
Event   \BaseNamedObjects\WBEM_ESS_OPEN_FOR_BUSINESS
Event   \KernelObjects\MaximumCommitCondition
Event   \BaseNamedObjects\EVENT_READYROOT/CIMV2PROVIDERSUBSYSTEM
Event   \BaseNamedObjects\TermSrvReadyEvent
File   C:\Windows\System32
File   \Device\CNG
File   \Device\KsecDD
File   C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePacken-GB_18362.13.43.0_neutral__8wekyb3d8bbwe\Windows\System32\en-GB\user32.dll.mui
File   C:\Windows\System32\wbem\en-US\cimwin32.dll.mui
File   \Device\DeviceApi
File   \Device\Nsi
File   \Device\0000001c
Key   HKLM\SYSTEM\ControlSet001\Control\Session Manager
Key   HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\Versions
Key   HKLM
Key   HKLM
Key   HKLM\SOFTWARE\Microsoft\Ole
Key   HKLM\SYSTEM\ControlSet001\Control\Nls\Sorting\Ids
Key   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
Key   HKCR
Key   HKCR
Key   HKU\S-1-5-20\Control Panel\International
Key   HKCR
Key   HKLM\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces
Key   HKLM\SYSTEM\ControlSet001\Services\Tcpip\Parameters\Interfaces
Key   HKLM\SYSTEM\ControlSet001\Services\ServiceModelEndpoint 3.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\.NET CLR Networking 4.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\ServiceModelOperation 3.0.0.0\Performance
Key   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Perflib
Key   HKLM\SYSTEM\ControlSet001\Services\PerfProc\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\PerfNet\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\RemoteAccess\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\.NET Data Provider for SqlServer\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\ASP.NET\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\ASP.NET_64_2.0.50727\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\ASP.NET_2.0.50727\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\ASP.NET_4.0.30319\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\aspnet_state\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\.NET Memory Cache 4.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\rdyboost\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\.NET Data Provider for Oracle\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\BITS\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\.NETFramework\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\.NET CLR Data\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\.NET CLR Networking\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\PerfDisk\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\PerfOS\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\ESENT\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\Lsa\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\LSM\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\MSDTC\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\MSDTC Bridge 3.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\MSDTC Bridge 4.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\MSSCNTRS\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\ServiceModelService 3.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\SMSvcHost 3.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\SMSvcHost 4.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\Spooler\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\TapiSrv\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\Tcpip\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\TermService\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\UGatherer\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\UGTHRSVC\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\usbhub\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\Windows Workflow Foundation 3.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\Windows Workflow Foundation 4.0.0.0\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\WmiApRpl\Performance
Key   HKLM\SYSTEM\ControlSet001\Services\WSearchIdxPi\Performance
Mutant   \BaseNamedObjects\SM0:5960:304:WilStaging_02
Mutant   \BaseNamedObjects\.NET CLR Data_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\PerfDisk_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\PerfNet_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ServiceModelEndpoint 3.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\rdyboost_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\PerfOS_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\RemoteAccess_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\.NET CLR Networking_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\.NET Memory Cache 4.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ASP.NET_2.0.50727_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\.NETFramework_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ASP.NET_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ASP.NET_4.0.30319_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\.NET CLR Networking 4.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\.NET Data Provider for Oracle_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\PerfProc_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ASP.NET_64_2.0.50727_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\.NET Data Provider for SqlServer_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\aspnet_state_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\BITS_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ESENT_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\Lsa_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\LSM_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\MSDTC_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\MSDTC Bridge 3.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\MSDTC Bridge 4.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\MSSCNTRS_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ServiceModelOperation 3.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\Tcpip_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\ServiceModelService 3.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\SMSvcHost 3.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\SMSvcHost 4.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\Spooler_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\TapiSrv_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\TermService_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\UGatherer_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\UGTHRSVC_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\usbhub_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\Windows Workflow Foundation 3.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\Windows Workflow Foundation 4.0.0.0_Perf_Library_Lock_PID_1748
Mutant   \BaseNamedObjects\WmiApRpl_Perf_Library_Lock_PID_1748
Mutant   \...\Installing
Mutant   \BaseNamedObjects\WSearchIdxPi_Perf_Library_Lock_PID_1748
Section   \BaseNamedObjects\Wmi Provider Sub System Counters
Section   \BaseNamedObjects\__ComCatalogCache__
Section   \BaseNamedObjects\__ComCatalogCache__
Semaphore   \BaseNamedObjects\SM0:5960:304:WilStaging_02_p0
Semaphore   \BaseNamedObjects\SM0:5960:304:WilStaging_02_p0h
Thread   WmiPrvSE.exe(5960): 5972
Thread   WmiPrvSE.exe(5960): 6584
Thread   WmiPrvSE.exe(5960): 3504
Thread   WmiPrvSE.exe(5960): 5972
Thread   WmiPrvSE.exe(5960): 7360
Thread   WmiPrvSE.exe(5960): 7372
Thread   WmiPrvSE.exe(5960): 7360
Thread   WmiPrvSE.exe(5960): 7384
Thread   WmiPrvSE.exe(5960): 7384
Thread   WmiPrvSE.exe(5960): 3504
Thread   WmiPrvSE.exe(5960): 7404
Thread   WmiPrvSE.exe(5960): 3520
Thread   WmiPrvSE.exe(5960): 5916
Thread   WmiPrvSE.exe(5960): 14804
Thread   WmiPrvSE.exe(5960): 14804
Thread   WmiPrvSE.exe(5960): 10244
Thread   WmiPrvSE.exe(5960): 10244
Thread   WmiPrvSE.exe(5960): 5916
WindowStation   \Windows\WindowStations\Service-0x0-3e4$
WindowStation   \Windows\WindowStations\Service-0x0-3e4$

#32
BobScott49

Posted 31 December 2019 - 05:32 AM

Member

Topic Starter
Member
66 posts

So this is the WmiPrvSE.exe log. But I'm sorry I must be being a bit thick here but I didn't understand what you mean by click on the option that is not currently checked

#33
BobScott49

Posted 31 December 2019 - 06:10 AM

Member

Topic Starter
Member
66 posts

Sorry for the duplicate posts.

So I've ordered the 8gb memory:

Samsung 8GB DDR4 PC4-21300, 2666MHZ, 260 PIN SODIMM, 1.2V, CL 19 laptop ram memory module

I guess if there is only one memory slot at least I'll double my RAM

#34
RKinner

Posted 31 December 2019 - 07:05 AM

Malware Expert

Expert
24,731 posts

There are two options under View, Lower Pane View.

DLLs

Handles

One is checked. Check the other one, make sure WmiPrvSE.exe
is still checked then make a new log. This will hopefully give us an idea of what WmiPrvSE.exe is up to.

I have checked with several other websites and if you really have the model that HP shows it is limited to only 8 GB and has only one slot regardless of what Speccy thinks.

#35
BobScott49

Posted 31 December 2019 - 07:25 AM

Member

Topic Starter
Member
66 posts

Okay got it.

Process   CPU   Private Bytes   Working Set   PID   Description   Company Name   Verified Signer
System Idle Process   52.58   60 K   8 K   0
GWProxy.exe   21.92   1,744 K   7,880 K   4564       Guardware Ltd.   (Verified) Guardware Ltd.
GWW.exe   20.89   50,052 K   31,108 K   7900   e-Safe Compliance Client Application   Guardware Ltd.   (Verified) Guardware Ltd.
procexp64.exe   13.90   39,432 K   71,784 K   12124   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
GWClient.exe   1.51   6,348 K   16,816 K   3872   e-Safe Compliance Client Service   Guardware Ltd   (Verified) Guardware Ltd.
System   1.46   204 K   1,792 K   4
dwm.exe   1.11   107,620 K   68,704 K   1056   Desktop Window Manager   Microsoft Corporation   (Verified) Microsoft Windows
Interrupts   0.99   0 K   0 K   n/a   Hardware Interrupts and DPCs
lsass.exe   0.95   9,292 K   11,012 K   864   Local Security Authority Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
WmiPrvSE.exe   0.78   8,296 K   15,600 K   5960   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   0.68   2,072 K   7,012 K   3388   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
Dropbox.exe   0.67   188,880 K   77,092 K   10708   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
svchost.exe   0.46   11,856 K   20,544 K   3956   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
firefox.exe   0.43   169,076 K   114,420 K   700   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe   0.42   153,916 K   77,884 K   14188   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
MfeAVSvc.exe   0.39   30,772 K   33,680 K   9300   McAfee Cloud AV   McAfee, LLC.   (Verified) McAfee, LLC.
csrss.exe   0.36   4,440 K   1,808 K   800   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
express.exe   0.34   45,520 K   18,732 K   5356   Garmin Express   Garmin Ltd. or its subsidiaries   (Verified) Garmin International, Inc.
mcshield.exe   0.30   42,412 K   19,968 K   9768   McAfee Scanner service   McAfee LLC.   (Verified) McAfee, Inc.
firefox.exe   0.24   261,236 K   255,096 K   10500   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
amddvr.exe   0.24   171,628 K   6,196 K   6176   AMD ReLive: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
explorer.exe   0.21   59,236 K   92,448 K   6080   Windows Explorer   Microsoft Corporation   (Verified) Microsoft Windows
firefox.exe   0.18   62,908 K   65,392 K   11112   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
servicehost.exe   0.15   10,320 K   13,240 K   9176   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
SearchIndexer.exe   0.10   28,712 K   18,708 K   7992   Microsoft Windows Search Indexer   Microsoft Corporation   (Verified) Microsoft Windows
services.exe   0.10   5,516 K   5,464 K   848   Services and Controller app   Microsoft Corporation   (Verified) Microsoft Windows Publisher
mcapexe.exe   0.07   3,440 K   2,684 K   1836   McAfee Access Protection   McAfee, LLC   (Verified) McAfee, LLC.
ijplmsvc.exe   0.06   12,600 K   11,940 K   3936   Inkjet Printer/Scanner/Fax Extended Survey Program Service       (Verified) Canon Inc.
EOS Utility.exe   0.06   26,604 K   2,976 K   4960   EOS Utility   Canon INC.   (Verified) Canon Inc.
AGMService.exe   0.04   2,312 K   8,700 K   3688   Adobe Genuine Software Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.
EOSUPNPSV.exe   0.04   3,620 K   6,724 K   7028   Canon EOS UPNP Detector   CANON INC.   (Verified) Canon Inc.
svchost.exe   0.04   3,616 K   8,068 K   2236   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
QtWebEngineProcess.exe   0.04   33,480 K   17,828 K   12276   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
firefox.exe   0.03   108,268 K   133,288 K   2484   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
uihost.exe   0.03   4,956 K   5,264 K   1336   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
psi_tray.exe   0.02   1,360 K   3,704 K   8012   Secunia PSI Tray   Secunia   (Verified) Secunia
svchost.exe   0.01   8,524 K   10,712 K   568   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
QtWebEngineProcess.exe   0.01   39,388 K   11,328 K   10536   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
svchost.exe   0.01   2,292 K   6,896 K   1808   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
OfficeClickToRun.exe   0.01   28,132 K   11,668 K   3764   Microsoft Office Click-to-Run (SxS)   Microsoft Corporation   (Verified) Microsoft Corporation
csrss.exe   0.01   1,736 K   1,700 K   680   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.01   3,568 K   10,232 K   5028   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ModuleCoreService.exe   0.01   31,976 K   28,048 K   4012   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
SynTPEnh.exe   0.01   7,980 K   13,896 K   6848   Synaptics TouchPad 64-bit Enhancements   Synaptics Incorporated   (Verified) Synaptics Incorporated
smartscreen.exe   0.01   7,820 K   22,284 K   14300   Windows Defender SmartScreen   Microsoft Corporation   (Verified) Microsoft Windows
SecurityHealthService.exe   < 0.01   3,796 K   14,796 K   12912   Windows Security Health Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
MMSSHOST.exe   < 0.01   28,436 K   34,512 K   4180   McAfee Management Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
atieclxx.exe   < 0.01   2,516 K   9,940 K   2580   AMD External Events Client Module   AMD   (Verified) Advanced Micro Devices, Inc.
spoolsv.exe   < 0.01   7,572 K   15,396 K   3296   Spooler SubSystem App   Microsoft Corporation   (Verified) Microsoft Windows
dllhost.exe   < 0.01   1,992 K   9,308 K   2652   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
Dropbox.exe   < 0.01   2,472 K   1,916 K   11028   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
svchost.exe   < 0.01   39,404 K   34,740 K   2600   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   < 0.01   2,824 K   13,340 K   3200   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
RadeonSettings.exe   < 0.01   161,576 K   6,704 K   6152   Radeon Settings: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
mfefire.exe   < 0.01   3,716 K   9,916 K   5880   McAfee Core Firewall Service   McAfee, LLC   (Verified) McAfee, Inc.
RAVBg64.exe   < 0.01   6,432 K   9,428 K   8448   HD Audio Background Process   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
YourPhone.exe   Suspended   16,152 K   1,452 K   8952           (No signature was present in the subject)
WmiPrvSE.exe       3,444 K   7,848 K   10748   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
wlanext.exe       2,008 K   6,488 K   3304   Windows Wireless LAN 802.11 Extensibility Framework   Microsoft Corporation   (Verified) Microsoft Windows
winlogon.exe       2,804 K   3,084 K   908   Windows Log-on Application   Microsoft Corporation   (Verified) Microsoft Windows
wininit.exe       1,428 K   316 K   784   Windows Start-Up Application   Microsoft Corporation   (Verified) Microsoft Windows Publisher
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe       15,340 K   8,672 K   13776   WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe   Microsoft Corporation   (Verified) Microsoft Windows
vidnotifier.exe       5,160 K   6,824 K   3868   Video Notifier   Digital Wave Ltd   (Verified) Digital Wave Ltd
unsecapp.exe       1,348 K   6,432 K   7000   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
unsecapp.exe       1,440 K   4,128 K   5924   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
taskhostw.exe       7,048 K   16,480 K   5152   Host Process for Windows Tasks   Microsoft Corporation   (Verified) Microsoft Windows
SynTPHelper.exe       2,196 K   5,656 K   7260   Synaptics Pointing Device Helper   Synaptics Incorporated   (Verified) Synaptics Incorporated
SynTPEnhService.exe       3,404 K   8,472 K   2196   64-bit Synaptics Pointing Enhance Service   Synaptics Incorporated   (Verified) Synaptics Incorporated
svchost.exe       4,604 K   13,212 K   3784   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,316 K   4,688 K   8564   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,972 K   15,660 K   3136   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       13,792 K   17,536 K   552   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       14,124 K   13,176 K   1308   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,764 K   20,088 K   4396   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,556 K   8,360 K   2096   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,800 K   6,016 K   2112   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,932 K   12,668 K   2228   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,052 K   3,276 K   5836   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,496 K   9,608 K   1252   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,152 K   8,540 K   2460   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,340 K   15,920 K   7240   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,052 K   5,912 K   4616   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,552 K   5,556 K   1276   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,328 K   5,500 K   2620   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,820 K   11,632 K   2076   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       7,188 K   15,072 K   1920   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,332 K   7,780 K   4032   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,972 K   13,328 K   2916   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,628 K   7,704 K   976   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       10,268 K   19,528 K   11644   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,828 K   15,408 K   6224   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,220 K   13,156 K   7132   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,312 K   7,392 K   2276   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,004 K   11,464 K   1360   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,944 K   2,424 K   7292   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       39,360 K   29,080 K   3848   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,976 K   4,664 K   7324   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,216 K   5,880 K   12264   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,964 K   7,184 K   2592   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,512 K   14,204 K   1260   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,152 K   9,920 K   3792   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,384 K   27,488 K   5952   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,792 K   9,428 K   1892   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       8,476 K   13,932 K   8440   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,356 K   8,788 K   8800   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,764 K   11,868 K   14624   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       9,048 K   13,840 K   3376   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,812 K   10,980 K   10704   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,700 K   7,124 K   14792   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,764 K   1,784 K   13064   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,828 K   9,012 K   1292   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,368 K   5,512 K   15096   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,068 K   3,740 K   2336   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,300 K   5,188 K   4304   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,504 K   5,812 K   7040   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,800 K   11,132 K   1472   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,528 K   4,616 K   6832   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,376 K   6,552 K   1612   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,732 K   8,280 K   1352   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,212 K   8,228 K   1588   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,944 K   8,952 K   6076   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,192 K   5,340 K   12196   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,824 K   6,928 K   10700   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,924 K   12,024 K   4472   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,328 K   4,776 K   4524   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,028 K   7,384 K   2736   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,716 K   6,480 K   3592   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,684 K   6,712 K   3580   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,888 K   8,032 K   2712   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,720 K   7,312 K   5844   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,956 K   6,944 K   4288   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,720 K   6,376 K   4340   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,436 K   5,948 K   1960   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,912 K   6,472 K   1300   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,180 K   8,536 K   3740   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,952 K   10,676 K   1284   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,036 K   7,804 K   1788   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,796 K   6,980 K   6692   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,456 K   6,228 K   1776   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,640 K   5,580 K   4100   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       960 K   368 K   64   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
StartMenuExperienceHost.exe       34,816 K   56,952 K   6748           (Verified) Microsoft Windows
smss.exe       1,156 K   320 K   408   Windows Session Manager   Microsoft Corporation   (Verified) Microsoft Windows Publisher
sihost.exe       7,264 K   26,756 K   5800   Shell Infrastructure Host   Microsoft Corporation   (Verified) Microsoft Windows
ShellExperienceHost.exe   Suspended   14,204 K   30,908 K   14664   Windows Shell Experience Host   Microsoft Corporation   (Verified) Microsoft Windows
SgrmBroker.exe       2,896 K   3,528 K   12596   System Guard Runtime Monitor Broker Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SettingSyncHost.exe       2,536 K   1,792 K   312   Host Process for Setting Synchronization   Microsoft Corporation   (Verified) Microsoft Windows
SearchUI.exe   Suspended   80,888 K   45,528 K   8016   Search and Cortana application   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       9,212 K   18,712 K   5124   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       4,204 K   15,052 K   7412   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       6,768 K   24,468 K   14764   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       5,232 K   21,504 K   13060   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       6,320 K   2,672 K   7536   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       1,740 K   4,060 K   11604   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
rundll32.exe       1,908 K   9,436 K   7600   Windows host process (Rundll32)   Microsoft Corporation   (Verified) Microsoft Windows
RtlS5Wake.exe       4,288 K   2,228 K   10620   Realtek WOWL Utility   Realtek   (Verified) Realtek Semiconductor Corp.
RtkNGUI64.exe       4,680 K   8,516 K   8896   Realtek HD Audio Manager   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
RtkBtManServ.exe       1,724 K   6,988 K   4148   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkAudioService64.exe       1,832 K   7,852 K   3020   Realtek Audio Service   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
RemindersServer.exe   Suspended   7,796 K   9,720 K   8600   Reminders WinRT OOP Server   Microsoft Corporation   (Verified) Microsoft Windows
Registry       8,828 K   33,068 K   88
QtWebEngineProcess.exe       41,216 K   2,912 K   12360   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
ProtectedModuleHost.exe       4,228 K   13,004 K   5288   McAfee Protected Module Host   McAfee, LLC.   (Verified) McAfee, LLC.
procexp.exe       5,380 K   11,032 K   12444   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
PEFService.exe       1,648 K   912 K   3432   McAfee PEF Service   McAfee, Inc.   (Verified) McAfee, LLC.
nlssrv32.exe       2,084 K   7,084 K   4044   This service enables products that use the Nalpeiron Licensing System    Nalpeiron Ltd.   (Certificate expired) Nalpeiron Ltd.
ModuleCoreService.exe       9,820 K   10,272 K   9152   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
mfevtps.exe       7,732 K   11,276 K   5000   McAfee Process Validation Service   McAfee, LLC   (Verified) McAfee, Inc.
mfemms.exe       3,116 K   7,660 K   4024   McAfee Management Service   McAfee, LLC   (Verified) McAfee, Inc.
Memory Compression       932 K   101,368 K   2668
mDNSResponder.exe       1,960 K   6,044 K   3696   Bonjour Service   Apple Inc.   (Verified) Apple Inc.
McUICnt.exe       10,392 K   5,864 K   12552   McAfee   McAfee, LLC.   (Verified) McAfee, LLC.
McSmtFwk.exe       3,068 K   2,852 K   5012   McAfee Trusted Advisor Framework Exe   McAfee, LLC.   (Verified) McAfee, LLC.
McCSPServiceHost.exe       8,524 K   16,920 K   7856   McAfee CSP Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
LocalBridge.exe       29,128 K   44,240 K   13124   LocalBridge       (Verified) Microsoft Corporation
HxTsr.exe   Suspended   15,280 K   26,508 K   12244   Microsoft Outlook Communications   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
HxOutlook.exe   Suspended   127,736 K   74,432 K   5404   Microsoft Outlook   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
HPWMISVC.exe       1,324 K   5,540 K   1408   HP WMI Service   HP Inc.   (Verified) HP Inc.
HPMSGSVC.exe       1,540 K   1,152 K   10656   HP Message Service   HP Inc.   (Verified) HP Inc.
fontdrvhost.exe       5,296 K   1,672 K   264   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
fontdrvhost.exe       1,780 K   1,416 K   304   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
firefox.exe       110,644 K   54,036 K   10364   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe       122,240 K   62,836 K   4692   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe       38,312 K   48,876 K   8436   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
DropboxUpdate.exe       2,068 K   3,712 K   7664   Dropbox Update   Dropbox, Inc.   (Verified) Dropbox, Inc
Dropbox.exe       1,952 K   1,160 K   10988   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
dllhost.exe       3,428 K   7,040 K   612   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
dllhost.exe       3,284 K   9,972 K   6700   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
dllhost.exe       1,492 K   3,492 K   2556   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
DbxSvc.exe       2,536 K   5,352 K   3804   Dropbox Service   Dropbox, Inc.   (Verified) Dropbox, Inc
ctfmon.exe       6,548 K   14,280 K   6792   CTF Loader   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,500 K   3,276 K   9656   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,504 K   3,272 K   9184   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,444 K   5,584 K   3316   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
CompPkgSrv.exe       1,560 K   5,772 K   11152   Component Package Support Server   Microsoft Corporation   (Verified) Microsoft Windows
CastSrv.exe       3,692 K   2,944 K   8332   Casting protocol connection listener   Microsoft Corporation   (Verified) Microsoft Windows
BTDevMgr.exe       2,052 K   7,088 K   3712   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
audiodg.exe       11,588 K   21,464 K   15068   Windows Audio Device Graph Isolation    Microsoft Corporation   (Verified) Microsoft Windows
atiesrxx.exe       1,460 K   5,448 K   2252   AMD External Events Service Module   AMD   (Verified) Advanced Micro Devices, Inc.
armsvc.exe       1,392 K   6,180 K   3668   Adobe Acrobat Update Service   Adobe Systems   (Verified) Adobe Inc.
ApplicationFrameHost.exe       16,464 K   26,508 K   11992   Application Frame Host   Microsoft Corporation   (Verified) Microsoft Windows
app_updater.exe       6,696 K   8,848 K   3816   Digital Wave Update Service   Digital Wave Ltd   (Verified) Digital Wave Ltd
amdow.exe       2,108 K   1,376 K   9652   AMD ReLive: Desktop Overlay   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
AGSService.exe       1,920 K   9,068 K   3676   Adobe Genuine Software Integrity Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.

Process: WmiPrvSE.exe Pid: 5960

Name   Description   Company Name   Path   Verified Signer
advapi32.dll   Advanced Windows 32 Base API   Microsoft Corporation   C:\Windows\System32\advapi32.dll   (Verified) Microsoft Windows
bcrypt.dll   Windows Cryptographic Primitives Library   Microsoft Corporation   C:\Windows\System32\bcrypt.dll   (Verified) Microsoft Windows
bcryptprimitives.dll   Windows Cryptographic Primitives Library   Microsoft Corporation   C:\Windows\System32\bcryptprimitives.dll   (Verified) Microsoft Windows
cfgmgr32.dll   Configuration Manager DLL   Microsoft Corporation   C:\Windows\System32\cfgmgr32.dll   (Verified) Microsoft Windows
cimwin32.dll   WMI Win32 Provider   Microsoft Corporation   C:\Windows\System32\wbem\cimwin32.dll   (Verified) Microsoft Windows
cimwin32.dll.mui   WMI Win32 Provider   Microsoft Corporation   C:\Windows\System32\wbem\en-US\cimwin32.dll.mui   (Verified) Microsoft Windows
clbcatq.dll   COM+ Configuration Catalog   Microsoft Corporation   C:\Windows\System32\clbcatq.dll   (Verified) Microsoft Windows
combase.dll   Microsoft COM for Windows   Microsoft Corporation   C:\Windows\System32\combase.dll   (Verified) Microsoft Windows
crypt32.dll   Crypto API32   Microsoft Corporation   C:\Windows\System32\crypt32.dll   (Verified) Microsoft Windows
cryptsp.dll   Cryptographic Service Provider API   Microsoft Corporation   C:\Windows\System32\cryptsp.dll   (Verified) Microsoft Windows
cscapi.dll   Offline Files Win32 API   Microsoft Corporation   C:\Windows\System32\cscapi.dll   (Verified) Microsoft Windows
devobj.dll   Device Information Set DLL   Microsoft Corporation   C:\Windows\System32\devobj.dll   (Verified) Microsoft Windows
dhcpcsvc.dll   DHCP Client Service   Microsoft Corporation   C:\Windows\System32\dhcpcsvc.dll   (Verified) Microsoft Windows
dhcpcsvc6.dll   DHCPv6 Client   Microsoft Corporation   C:\Windows\System32\dhcpcsvc6.dll   (Verified) Microsoft Windows
dnsapi.dll   DNS Client API DLL   Microsoft Corporation   C:\Windows\System32\dnsapi.dll   (Verified) Microsoft Windows
dskquota.dll   Windows Shell Disk Quota Support DLL   Microsoft Corporation   C:\Windows\System32\dskquota.dll   (Verified) Microsoft Windows
DXCore.dll   DXCore   Microsoft Corporation   C:\Windows\System32\DXCore.dll   (Verified) Microsoft Windows
fastprox.dll   WMI Custom Marshaller   Microsoft Corporation   C:\Windows\System32\wbem\fastprox.dll   (Verified) Microsoft Windows
framedynos.dll   WMI SDK Provider Framework   Microsoft Corporation   C:\Windows\System32\framedynos.dll   (Verified) Microsoft Windows
gdi32.dll   GDI Client DLL   Microsoft Corporation   C:\Windows\System32\gdi32.dll   (Verified) Microsoft Windows
gdi32full.dll   GDI Client DLL   Microsoft Corporation   C:\Windows\System32\gdi32full.dll   (Verified) Microsoft Windows
imm32.dll   Multi-User Windows IMM32 API Client DLL   Microsoft Corporation   C:\Windows\System32\imm32.dll   (Verified) Microsoft Windows
IPHLPAPI.DLL   IP Helper API   Microsoft Corporation   C:\Windows\System32\IPHLPAPI.DLL   (Verified) Microsoft Windows
kernel.appcore.dll   AppModel API Host   Microsoft Corporation   C:\Windows\System32\kernel.appcore.dll   (Verified) Microsoft Windows
kernel32.dll   Windows NT BASE API Client DLL   Microsoft Corporation   C:\Windows\System32\kernel32.dll   (Verified) Microsoft Windows
KernelBase.dll   Windows NT BASE API Client DLL   Microsoft Corporation   C:\Windows\System32\KernelBase.dll   (Verified) Microsoft Windows
locale.nls           C:\Windows\System32\locale.nls   (Verified) Microsoft Windows
logoncli.dll   Net Logon Client DLL   Microsoft Corporation   C:\Windows\System32\logoncli.dll   (Verified) Microsoft Windows
msasn1.dll   ASN.1 Runtime APIs   Microsoft Corporation   C:\Windows\System32\msasn1.dll   (Verified) Microsoft Windows
msvcp_win.dll   Microsoft® C Runtime Library   Microsoft Corporation   C:\Windows\System32\msvcp_win.dll   (Verified) Microsoft Windows
msvcrt.dll   Windows NT CRT DLL   Microsoft Corporation   C:\Windows\System32\msvcrt.dll   (Verified) Microsoft Windows
ncobjapi.dll       Microsoft Corporation   C:\Windows\System32\ncobjapi.dll   (Verified) Microsoft Windows
netutils.dll   Net Win32 API Helpers DLL   Microsoft Corporation   C:\Windows\System32\netutils.dll   (Verified) Microsoft Windows
nsi.dll   NSI User-mode interface DLL   Microsoft Corporation   C:\Windows\System32\nsi.dll   (Verified) Microsoft Windows
ntdll.dll   NT Layer DLL   Microsoft Corporation   C:\Windows\System32\ntdll.dll   (Verified) Microsoft Windows
oleaut32.dll   OLEAUT32.DLL   Microsoft Corporation   C:\Windows\System32\oleaut32.dll   (Verified) Microsoft Windows
perfos.dll   Windows System Performance Objects DLL   Microsoft Corporation   C:\Windows\System32\perfos.dll   (Verified) Microsoft Windows
powrprof.dll   Power Profile Helper DLL   Microsoft Corporation   C:\Windows\System32\powrprof.dll   (Verified) Microsoft Windows
profapi.dll   User Profile Basic API   Microsoft Corporation   C:\Windows\System32\profapi.dll   (Verified) Microsoft Windows
rpcrt4.dll   Remote Procedure Call Runtime   Microsoft Corporation   C:\Windows\System32\rpcrt4.dll   (Verified) Microsoft Windows
samcli.dll   Security Accounts Manager Client DLL   Microsoft Corporation   C:\Windows\System32\samcli.dll   (Verified) Microsoft Windows
schannel.dll   TLS / SSL Security Provider   Microsoft Corporation   C:\Windows\System32\schannel.dll   (Verified) Microsoft Windows
sechost.dll   Host for SCM/SDDL/LSA Lookup APIs   Microsoft Corporation   C:\Windows\System32\sechost.dll   (Verified) Microsoft Windows
secur32.dll   Security Support Provider Interface   Microsoft Corporation   C:\Windows\System32\secur32.dll   (Verified) Microsoft Windows
SHCore.dll   SHCORE   Microsoft Corporation   C:\Windows\System32\SHCore.dll   (Verified) Microsoft Windows
shell32.dll   Windows Shell Common Dll   Microsoft Corporation   C:\Windows\System32\shell32.dll   (Verified) Microsoft Windows
shlwapi.dll   Shell Light-weight Utility Library   Microsoft Corporation   C:\Windows\System32\shlwapi.dll   (Verified) Microsoft Windows
SortDefault.nls           C:\Windows\Globalization\Sorting\SortDefault.nls   (Verified) Microsoft Windows
sspicli.dll   Security Support Provider Interface   Microsoft Corporation   C:\Windows\System32\sspicli.dll   (Verified) Microsoft Windows
ucrtbase.dll   Microsoft® C Runtime Library   Microsoft Corporation   C:\Windows\System32\ucrtbase.dll   (Verified) Microsoft Windows
umpdc.dll           C:\Windows\System32\umpdc.dll   (Verified) Microsoft Windows
user32.dll   Multi-User Windows USER API Client DLL   Microsoft Corporation   C:\Windows\System32\user32.dll   (Verified) Microsoft Windows
user32.dll.mui   Multi-User Windows USER API Client DLL   Microsoft Corporation   C:\Program Files\WindowsApps\Microsoft.LanguageExperiencePacken-GB_18362.13.43.0_neutral__8wekyb3d8bbwe\Windows\System32\en-GB\user32.dll.mui   (Verified) Microsoft Corporation
userenv.dll   Userenv   Microsoft Corporation   C:\Windows\System32\userenv.dll   (Verified) Microsoft Windows
vdswmi.dll   WMI Provider for VDS   Microsoft Corporation   C:\Windows\System32\wbem\vdswmi.dll   (Verified) Microsoft Windows
wbemcomn.dll   WMI   Microsoft Corporation   C:\Windows\System32\wbemcomn.dll   (Verified) Microsoft Windows
wbemsvc.dll   WMI   Microsoft Corporation   C:\Windows\System32\wbem\wbemsvc.dll   (Verified) Microsoft Windows
win32u.dll   Win32u   Microsoft Corporation   C:\Windows\System32\win32u.dll   (Verified) Microsoft Windows
winbrand.dll   Windows Branding Resources   Microsoft Corporation   C:\Windows\System32\winbrand.dll   (Verified) Microsoft Windows
windows.storage.dll   Microsoft WinRT Storage API   Microsoft Corporation   C:\Windows\System32\windows.storage.dll   (Verified) Microsoft Windows
winsta.dll   Winstation Library   Microsoft Corporation   C:\Windows\System32\winsta.dll   (Verified) Microsoft Windows
wkscli.dll   Workstation Service Client DLL   Microsoft Corporation   C:\Windows\System32\wkscli.dll   (Verified) Microsoft Windows
WmiPrvSE.exe   WMI Provider Host   Microsoft Corporation   C:\Windows\System32\wbem\WmiPrvSE.exe   (Verified) Microsoft Windows
wmiutils.dll   WMI   Microsoft Corporation   C:\Windows\System32\wbem\wmiutils.dll   (Verified) Microsoft Windows
ws2_32.dll   Windows Socket 2.0 32-Bit DLL   Microsoft Corporation   C:\Windows\System32\ws2_32.dll   (Verified) Microsoft Windows
wtsapi32.dll   Windows Remote Desktop Session Host Server SDK APIs   Microsoft Corporation   C:\Windows\System32\wtsapi32.dll   (Verified) Microsoft Windows

My laptop model is definitely 15-0dbxxx

#36
RKinner

Posted 31 December 2019 - 07:32 AM

Malware Expert

Expert
24,731 posts

Looks like it's limited to one slot and 8 GB

https://www.crucial....catalogId=10151

Will take a while to look through the two logs.

#37
BobScott49

Posted 31 December 2019 - 07:33 AM

Member

Topic Starter
Member
66 posts

Okay no rush. I really appreciate your help

#38
RKinner

Posted 31 December 2019 - 09:53 AM

Malware Expert

Expert
24,731 posts

The big difference appears to be in the first one where you have a lot of entries with the Mutant label. I only have one. Let's look to see if you have something called costly performance counters turned on:

Copy:

(gwmi -query 'select * from meta_class').Name | ? { $_ -match "costly"}

Now open a Windows Power Shell:

Search for power and when you see it find Windows Power Shell, right click and run as Admin.

Then right click (and paste or Edit, Paste if necessary) and the copied line should appear. Hit Enter.

Wait until the prompt returns. If the prompt returns and nothing else then the costly things are not turned on.

Close Windows Power shell.

Copy the next 2 lines:

reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem" /s >  %UserProfile%\desktop\junk.txt

notepad %UserProfile%\desktop\junk.txt

Open an Elevated Command Prompt and right click (Paste or Edit Paste) and the copied lines should appear. Hit Enter if notepad does not open. Copy the text from notepad and paste it into a reply.

Finally let's look at the WMI log.

Search for

event

and hit Enter. This should bring up the Event Viewer.

Click View > Show Analytic and Debug Logs
Browse (Click on the arrow in front of each to open it) to Applications and Services Logs > Microsoft > Windows > WMI-Activity

Verify that the Debug and Trace have 0 entries. Click on Operational. You should see a bunch of entries. Click on the first one in Red. What does it say?

#39
BobScott49

Posted 31 December 2019 - 10:21 AM

Member

Topic Starter
Member
66 posts

Nothing happened when I put the costly line into Powershell and the prompt returned

The second two lines appeared not to work and I got this response:

In Event Viewer, debug and trace had no entries and this is the response to clicking the first red entry:

#40
RKinner

Posted 31 December 2019 - 12:00 PM

Malware Expert

Expert
24,731 posts

The first one worked and showed we do not have any costly processes.

The second part failed because you ran it in Power Shell instead of a Command Prompt. They look about the same but act differently.

Go back into Event Viewer and right click on Debug and Trace and select Properties then check the box for Enable Logging then OK. Right click on Operational and Clear Log, No we do not want to save the log first.

Wait 15 minutes then go back into Event Viewer and look to see if you have any events in Operational, Debug or Trace. Look through the events and look for the ClientProcessID and write them down. Note any with Red or yellow marks. Assuming you have some events you can go back into Properties and uncheck Enable Logging for Debug & Trace

Then rerun Process Explorer. You can turn off the View, Lower Pane. This time click on the PID Column Header before you save the log. Near as I can tell the ClientProcessID is the same as the PID in Process Explorer so that we can identify who is talking to WMI.

#41
BobScott49

Posted 31 December 2019 - 02:19 PM

Member

Topic Starter
Member
66 posts

So I ran that previous command in Command Prompt but still got an error response:

After I followed your instructions there were no events in Operational, Debug or Trace.

Process   CPU   Private Bytes   Working Set   PID   Description   Company Name   Verified Signer
HPWMISVC.exe       1,572 K   3,288 K   16348   HP WMI Service   HP Inc.   (Verified) HP Inc.
cmd.exe       2,108 K   3,792 K   16284   Windows Command Processor   Microsoft Corporation   (Verified) Microsoft Windows
DataExchangeHost.exe       3,308 K   17,632 K   16252   Data Exchange Host   Microsoft Corporation   (Verified) Microsoft Windows
firefox.exe   0.09   252,584 K   167,300 K   16196   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe   0.03   91,720 K   117,644 K   16180   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
conhost.exe       7,436 K   18,256 K   15912   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       1,504 K   5,812 K   15896   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,416 K   3,408 K   15096   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
procexp.exe       5,280 K   11,052 K   15048   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
McUICnt.exe       10,164 K   30,976 K   14852   McAfee   McAfee, LLC.   (Verified) McAfee, LLC.
RuntimeBroker.exe       5,736 K   14,236 K   14764   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
ShellExperienceHost.exe   Suspended   16,208 K   33,952 K   14664   Windows Shell Experience Host   Microsoft Corporation   (Verified) Microsoft Windows
firefox.exe       40,872 K   47,592 K   14252   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe   0.02   15,348 K   8,500 K   13776   WindowsInternal.ComposableShell.Experiences.TextInput.InputApp.exe   Microsoft Corporation   (Verified) Microsoft Windows
LocalBridge.exe       28,928 K   6,856 K   13124   LocalBridge       (Verified) Microsoft Corporation
RuntimeBroker.exe       5,488 K   17,436 K   13060   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
SecurityHealthService.exe       3,596 K   2,792 K   12912   Windows Security Health Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,368 K   1,620 K   12884   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SgrmBroker.exe       3,124 K   3,780 K   12596   System Guard Runtime Monitor Broker Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
QtWebEngineProcess.exe       41,216 K   3,616 K   12360   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
QtWebEngineProcess.exe   0.05   38,492 K   21,060 K   12276   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
svchost.exe       2,116 K   5,448 K   12264   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
HxTsr.exe   Suspended   16,024 K   24,244 K   12244   Microsoft Outlook Communications   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
svchost.exe       2,240 K   6,544 K   12196   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ApplicationFrameHost.exe       22,580 K   20,716 K   11992   Application Frame Host   Microsoft Corporation   (Verified) Microsoft Windows
audiodg.exe       110,952 K   21,532 K   11892   Windows Audio Device Graph Isolation    Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       9,780 K   18,432 K   11644   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
RuntimeBroker.exe       1,752 K   6,048 K   11604   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
CompPkgSrv.exe       1,616 K   5,460 K   11152   Component Package Support Server   Microsoft Corporation   (Verified) Microsoft Windows
firefox.exe   0.16   71,312 K   57,428 K   11112   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
Dropbox.exe       2,484 K   2,284 K   11028   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
Dropbox.exe       1,952 K   860 K   10988   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
WmiPrvSE.exe   < 0.01   12,016 K   12,888 K   10748   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
Dropbox.exe   0.61   192,596 K   84,532 K   10708   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
svchost.exe       2,808 K   3,604 K   10704   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
HPMSGSVC.exe       1,576 K   2,372 K   10656   HP Message Service   HP Inc.   (Verified) HP Inc.
RtlS5Wake.exe       4,288 K   1,500 K   10620   Realtek WOWL Utility   Realtek   (Verified) Realtek Semiconductor Corp.
QtWebEngineProcess.exe   0.02   38,216 K   13,736 K   10536   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
firefox.exe   0.29   170,448 K   82,356 K   10512   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe   0.22   318,716 K   270,160 K   10500   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe   0.07   111,960 K   76,784 K   10364   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
mcshield.exe       39,616 K   19,492 K   9768   McAfee Scanner service   McAfee LLC.   (Verified) McAfee, Inc.
conhost.exe       6,500 K   3,272 K   9656   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
amdow.exe       2,108 K   800 K   9652   AMD ReLive: Desktop Overlay   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
MfeAVSvc.exe   0.95   24,404 K   26,604 K   9300   McAfee Cloud AV   McAfee, LLC.   (Verified) McAfee, LLC.
conhost.exe       6,504 K   3,268 K   9184   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
servicehost.exe   0.11   11,796 K   15,296 K   9176   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
ModuleCoreService.exe       9,768 K   10,404 K   9152   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
YourPhone.exe   Suspended   16,252 K   1,216 K   8952           (No signature was present in the subject)
RtkNGUI64.exe       4,680 K   8,704 K   8896   Realtek HD Audio Manager   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
RemindersServer.exe   Suspended   8,284 K   7,112 K   8600   Reminders WinRT OOP Server   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   0.04   2,392 K   5,228 K   8564   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
RAVBg64.exe   < 0.01   6,460 K   9,496 K   8448   HD Audio Background Process   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
svchost.exe       8,092 K   8,780 K   8440   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
firefox.exe   < 0.01   738,796 K   134,824 K   8436   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
smartscreen.exe       7,780 K   22,060 K   8368   Windows Defender SmartScreen   Microsoft Corporation   (Verified) Microsoft Windows
CastSrv.exe       3,220 K   5,152 K   8332   Casting protocol connection listener   Microsoft Corporation   (Verified) Microsoft Windows
SearchUI.exe   Suspended   134,384 K   65,804 K   8016   Search and Cortana application   Microsoft Corporation   (Verified) Microsoft Windows
psi_tray.exe   0.02   1,360 K   3,696 K   8012   Secunia PSI Tray   Secunia   (Verified) Secunia
SearchIndexer.exe   0.01   31,620 K   28,268 K   7992   Microsoft Windows Search Indexer   Microsoft Corporation   (Verified) Microsoft Windows
GWW.exe   0.06   56,032 K   24,756 K   7900   e-Safe Compliance Client Application   Guardware Ltd.   (Verified) Guardware Ltd.
McCSPServiceHost.exe       8,060 K   14,716 K   7856   McAfee CSP Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
DropboxUpdate.exe       2,068 K   3,784 K   7664   Dropbox Update   Dropbox, Inc.   (Verified) Dropbox, Inc
rundll32.exe       1,908 K   9,432 K   7600   Windows host process (Rundll32)   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       7,088 K   13,124 K   7536   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       4,076 K   15,404 K   7412   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       2,844 K   4,836 K   7324   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,028 K   5,580 K   7292   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SynTPHelper.exe       2,196 K   5,668 K   7260   Synaptics Pointing Device Helper   Synaptics Incorporated   (Verified) Synaptics Incorporated
svchost.exe       5,352 K   16,996 K   7240   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.33   2,004 K   8,352 K   7188   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,224 K   10,264 K   7132   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
EOSUPNPSV.exe   0.02   3,724 K   6,864 K   7028   Canon EOS UPNP Detector   CANON INC.   (Verified) Canon Inc.
unsecapp.exe       1,356 K   6,456 K   7000   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
SynTPEnh.exe   < 0.01   8,360 K   14,224 K   6848   Synaptics TouchPad 64-bit Enhancements   Synaptics Incorporated   (Verified) Synaptics Incorporated
svchost.exe       2,508 K   5,796 K   6832   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ctfmon.exe   0.17   9,740 K   14,804 K   6792   CTF Loader   Microsoft Corporation   (Verified) Microsoft Windows
StartMenuExperienceHost.exe       36,452 K   66,776 K   6748           (Verified) Microsoft Windows
dllhost.exe       3,292 K   10,100 K   6700   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       1,796 K   6,984 K   6692   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,928 K   19,168 K   6224   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
amddvr.exe   0.19   171,636 K   7,828 K   6176   AMD ReLive: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
RadeonSettings.exe       162,920 K   7,088 K   6152   Radeon Settings: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
explorer.exe   0.24   59,144 K   94,288 K   6080   Windows Explorer   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       2,772 K   10,448 K   6076   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
WmiPrvSE.exe   46.36   8,180 K   14,600 K   5960   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       6,520 K   27,908 K   5952   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
unsecapp.exe       1,960 K   7,192 K   5924   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
mfefire.exe   0.01   3,972 K   10,488 K   5880   McAfee Core Firewall Service   McAfee, LLC   (Verified) McAfee, Inc.
svchost.exe       1,728 K   7,136 K   5844   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,300 K   8,772 K   5836   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
sihost.exe       10,336 K   18,824 K   5800   Shell Infrastructure Host   Microsoft Corporation   (Verified) Microsoft Windows
HxOutlook.exe   Suspended   134,416 K   69,580 K   5404   Microsoft Outlook   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
express.exe   0.65   45,104 K   20,320 K   5356   Garmin Express   Garmin Ltd. or its subsidiaries   (Verified) Garmin International, Inc.
ProtectedModuleHost.exe       4,228 K   13,080 K   5288   McAfee Protected Module Host   McAfee, LLC.   (Verified) McAfee, LLC.
procexp64.exe   26.36   34,848 K   67,860 K   5200   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
taskhostw.exe       6,824 K   16,652 K   5152   Host Process for Windows Tasks   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       13,180 K   27,440 K   5124   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   < 0.01   3,560 K   10,536 K   5028   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
McSmtFwk.exe       3,076 K   1,052 K   5012   McAfee Trusted Advisor Framework Exe   McAfee, LLC.   (Verified) McAfee, LLC.
mfevtps.exe   0.50   7,304 K   11,312 K   5000   McAfee Process Validation Service   McAfee, LLC   (Verified) McAfee, Inc.
EOS Utility.exe   0.06   26,612 K   4,960 K   4960   EOS Utility   Canon INC.   (Verified) Canon Inc.
firefox.exe   0.04   93,576 K   65,400 K   4692   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
svchost.exe       2,056 K   5,996 K   4616   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,328 K   4,780 K   4524   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
firefox.exe   0.32   114,996 K   132,052 K   4496   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
svchost.exe       3,956 K   12,660 K   4472   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,176 K   22,008 K   4396   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,724 K   6,680 K   4340   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,300 K   5,180 K   4304   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,960 K   6,964 K   4288   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
MMSSHOST.exe   0.19   30,756 K   36,256 K   4180   McAfee Management Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
RtkBtManServ.exe       1,744 K   7,012 K   4148   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
svchost.exe       1,644 K   5,580 K   4100   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
nlssrv32.exe       2,084 K   7,076 K   4044   This service enables products that use the Nalpeiron Licensing System    Nalpeiron Ltd.   (Certificate expired) Nalpeiron Ltd.
svchost.exe       2,336 K   7,792 K   4032   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
mfemms.exe       3,160 K   8,028 K   4024   McAfee Management Service   McAfee, LLC   (Verified) McAfee, Inc.
ModuleCoreService.exe   0.01   32,648 K   24,080 K   4012   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
svchost.exe   0.84   14,056 K   21,832 K   3956   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ijplmsvc.exe   < 0.01   31,544 K   15,628 K   3936   Inkjet Printer/Scanner/Fax Extended Survey Program Service       (Verified) Canon Inc.
GWClient.exe   6.21   6,984 K   17,360 K   3872   e-Safe Compliance Client Service   Guardware Ltd   (Verified) Guardware Ltd.
vidnotifier.exe       5,160 K   5,764 K   3868   Video Notifier   Digital Wave Ltd   (Verified) Digital Wave Ltd
svchost.exe       38,864 K   37,840 K   3848   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
app_updater.exe       6,700 K   8,944 K   3816   Digital Wave Update Service   Digital Wave Ltd   (Verified) Digital Wave Ltd
DbxSvc.exe       2,536 K   5,344 K   3804   Dropbox Service   Dropbox, Inc.   (Verified) Dropbox, Inc
svchost.exe   0.02   4,384 K   13,016 K   3784   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
OfficeClickToRun.exe   < 0.01   29,772 K   24,408 K   3764   Microsoft Office Click-to-Run (SxS)   Microsoft Corporation   (Verified) Microsoft Corporation
svchost.exe       2,180 K   8,548 K   3740   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
BTDevMgr.exe       2,052 K   7,092 K   3712   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
mDNSResponder.exe       1,968 K   6,112 K   3696   Bonjour Service   Apple Inc.   (Verified) Apple Inc.
AGMService.exe   0.02   2,328 K   9,060 K   3688   Adobe Genuine Software Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.
AGSService.exe       2,000 K   10,304 K   3676   Adobe Genuine Software Integrity Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.
armsvc.exe       1,392 K   6,172 K   3668   Adobe Acrobat Update Service   Adobe Systems   (Verified) Adobe Inc.
svchost.exe       1,704 K   6,664 K   3592   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,672 K   6,960 K   3580   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
LocalBridge.exe       28,960 K   7,072 K   3504   LocalBridge       (Verified) Microsoft Corporation
PEFService.exe       1,648 K   852 K   3432   McAfee PEF Service   McAfee, Inc.   (Verified) McAfee, LLC.
svchost.exe       1,992 K   7,004 K   3388   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       9,156 K   15,616 K   3376   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
conhost.exe       6,444 K   5,576 K   3316   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
wlanext.exe       2,020 K   6,472 K   3304   Windows Wireless LAN 802.11 Extensibility Framework   Microsoft Corporation   (Verified) Microsoft Windows
spoolsv.exe   < 0.01   7,148 K   15,452 K   3296   Spooler SubSystem App   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       2,824 K   13,328 K   3200   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.05   5,928 K   15,740 K   3136   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
RtkAudioService64.exe       1,848 K   7,084 K   3020   Realtek Audio Service   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
svchost.exe       3,888 K   9,968 K   2916   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,028 K   4,632 K   2736   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,036 K   6,032 K   2712   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
Memory Compression   0.02   1,700 K   128,416 K   2668
dllhost.exe       1,596 K   4,956 K   2652   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       1,340 K   3,228 K   2620   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       41,096 K   37,256 K   2600   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,120 K   5,312 K   2592   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
atieclxx.exe   0.76   2,516 K   6,296 K   2580   AMD External Events Client Module   AMD   (Verified) Advanced Micro Devices, Inc.
dllhost.exe       1,396 K   3,568 K   2556   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   0.54   3,560 K   7,352 K   2460   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,972 K   3,600 K   2336   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
taskhostw.exe   3.90   2,672 K   9,840 K   2324   Host Process for Windows Tasks   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   0.22   2,376 K   7,560 K   2276   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
atiesrxx.exe       1,460 K   2,880 K   2252   AMD External Events Service Module   AMD   (Verified) Advanced Micro Devices, Inc.
svchost.exe   0.13   3,772 K   6,448 K   2236   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,820 K   8,548 K   2228   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SynTPEnhService.exe       3,404 K   4,572 K   2196   64-bit Synaptics Pointing Enhance Service   Synaptics Incorporated   (Verified) Synaptics Incorporated
svchost.exe   0.17   1,864 K   6,236 K   2112   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,544 K   8,672 K   2096   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,996 K   9,784 K   2076   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,436 K   1,780 K   1960   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,828 K   11,284 K   1920   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.07   2,836 K   5,256 K   1892   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
mcapexe.exe   0.09   3,484 K   1,780 K   1836   McAfee Access Protection   McAfee, LLC   (Verified) McAfee, LLC.
svchost.exe   0.10   2,360 K   3,300 K   1808   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,036 K   2,224 K   1788   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,460 K   1,868 K   1776   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.06   5,468 K   3,832 K   1612   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,156 K   2,244 K   1588   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,816 K   5,952 K   1472   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,124 K   5,532 K   1360   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,740 K   8,256 K   1352   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
uihost.exe   0.03   4,904 K   1,132 K   1336   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
svchost.exe   0.01   33,048 K   20,472 K   1308   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,916 K   1,876 K   1300   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,840 K   4,320 K   1292   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,976 K   3,032 K   1284   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,592 K   2,496 K   1276   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,592 K   8,352 K   1260   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,600 K   5,340 K   1252   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
dwm.exe   4.05   124,040 K   84,896 K   1056   Desktop Window Manager   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe       2,668 K   4,292 K   976   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
winlogon.exe       2,836 K   3,972 K   908   Windows Log-on Application   Microsoft Corporation   (Verified) Microsoft Windows
lsass.exe   0.24   9,684 K   12,284 K   864   Local Security Authority Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
services.exe   0.40   5,588 K   5,412 K   848   Services and Controller app   Microsoft Corporation   (Verified) Microsoft Windows Publisher
csrss.exe   1.81   4,496 K   4,772 K   800   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
wininit.exe       1,428 K   216 K   784   Windows Start-Up Application   Microsoft Corporation   (Verified) Microsoft Windows Publisher
csrss.exe   0.06   1,760 K   1,620 K   680   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
dllhost.exe       4,632 K   5,256 K   612   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   0.30   9,572 K   11,892 K   568   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.01   14,140 K   17,820 K   552   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
smss.exe       1,156 K   252 K   408   Windows Session Manager   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SettingSyncHost.exe       2,908 K   1,052 K   312   Host Process for Setting Synchronization   Microsoft Corporation   (Verified) Microsoft Windows
fontdrvhost.exe       1,860 K   936 K   304   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
fontdrvhost.exe       5,408 K   3,680 K   264   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
Registry   0.04   8,952 K   35,600 K   88
svchost.exe       960 K   332 K   64   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
System   1.77   204 K   2,140 K   4
System Idle Process   3.57   60 K   8 K   0
Interrupts   2.45   0 K   0 K   n/a   Hardware Interrupts and DPCs

#42
RKinner

Posted 02 January 2020 - 08:18 AM

Malware Expert

Expert
24,731 posts

reg query "HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem" /s > %UserProfile%\desktop\junk.txt

works OK on my Win 10. Let's do it the hard way.

Search for:

regedit.exe

hit Enter. Yes. This should bring up the Registry Editor.

Find:

HKEY_LOCAL_MACHINE click on the arrow in front.

HKEY_LOCAL_MACHINE\SOFTWARE click on the arrow in front

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft click on the arrow in front

Click on:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Wbem

then right click and Export

Save to your desktop as wbem

Close Registry Editor

Right click on wbem.reg on your desktop and Edit.

Should open in notepad. File Save As (to your desktop) wbem (the .txt will be added automatically) and then attach wbem.txt to a REPLY.

Don't know why tracing didn't work. Sure made WBEM use a lot more CPU.

Could you use Autoruns to uncheck everything from Guardware, reboot then after 5 minutes run Process Explorer. Sort by clicking on the CPU column header. Then after a minute save the log and post it? You can go back into Autoruns and recheck the Guardware and reboot afterward so that you don't get in trouble.

#43
BobScott49

Posted 02 January 2020 - 09:33 AM

Member

Topic Starter
Member
66 posts

Happy New Year!

wbem.txt attached

Process   CPU   Private Bytes   Working Set   PID   Description   Company Name   Verified Signer
AGSService.exe       2,084 K   9,036 K   3616   Adobe Genuine Software Integrity Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.
amdow.exe       2,144 K   7,228 K   8324   AMD ReLive: Desktop Overlay   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
app_updater.exe       6,388 K   7,564 K   3756   Digital Wave Update Service   Digital Wave Ltd   (Verified) Digital Wave Ltd
armsvc.exe       1,620 K   6,084 K   3596   Adobe Acrobat Update Service   Adobe Systems   (Verified) Adobe Inc.
atieclxx.exe       2,576 K   9,520 K   2500   AMD External Events Client Module   AMD   (Verified) Advanced Micro Devices, Inc.
atiesrxx.exe       1,484 K   5,460 K   2248   AMD External Events Service Module   AMD   (Verified) Advanced Micro Devices, Inc.
audiodg.exe       9,812 K   19,204 K   7656   Windows Audio Device Graph Isolation    Microsoft Corporation   (Verified) Microsoft Windows
browser_broker.exe       13,680 K   30,704 K   1772   Browser_Broker   Microsoft Corporation   (Verified) Microsoft Windows
BTDevMgr.exe       2,116 K   6,632 K   3648   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
CastSrv.exe       3,820 K   3,628 K   9028   Casting protocol connection listener   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,432 K   5,208 K   3272   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,524 K   5,492 K   9400   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
conhost.exe       6,520 K   6,208 K   8508   Console Window Host   Microsoft Corporation   (Verified) Microsoft Windows
csrss.exe       1,880 K   4,784 K   692   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ctfmon.exe       3,384 K   11,512 K   6388   CTF Loader   Microsoft Corporation   (Verified) Microsoft Windows
DbxSvc.exe       2,600 K   5,132 K   3744   Dropbox Service   Dropbox, Inc.   (Verified) Dropbox, Inc
dllhost.exe       4,072 K   10,244 K   7356   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
dllhost.exe       1,516 K   6,316 K   7588   COM Surrogate   Microsoft Corporation   (Verified) Microsoft Windows
Dropbox.exe       2,012 K   7,640 K   10472   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
DropboxUpdate.exe       2,212 K   3,656 K   10972   Dropbox Update   Dropbox, Inc.   (Verified) Dropbox, Inc
firefox.exe       31,620 K   42,824 K   10420   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
firefox.exe       43,760 K   43,432 K   10780   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
fontdrvhost.exe       1,572 K   2,332 K   368   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
fontdrvhost.exe       5,304 K   12,376 K   268   Usermode Font Driver Host   Microsoft Corporation   (Verified) Microsoft Windows
HPMSGSVC.exe       1,768 K   8,112 K   8928   HP Message Service   HP Inc.   (Verified) HP Inc.
HPWMISVC.exe       1,772 K   8,048 K   3180   HP WMI Service   HP Inc.   (Verified) HP Inc.
HxOutlook.exe   Suspended   36,592 K   1,336 K   11916   Microsoft Outlook   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
HxTsr.exe   Suspended   10,208 K   464 K   13064   Microsoft Outlook Communications   Microsoft Corporation   (No signature was present in the subject) Microsoft Corporation
McCSPServiceHost.exe       6,492 K   5,300 K   8964   McAfee CSP Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
mcshield.exe       41,440 K   36,248 K   10028   McAfee Scanner service   McAfee LLC.   (Verified) McAfee, Inc.
McSmtFwk.exe       3,652 K   11,788 K   12324   McAfee Trusted Advisor Framework Exe   McAfee, LLC.   (Verified) McAfee, LLC.
McUICnt.exe       10,464 K   6,384 K   12760   McAfee   McAfee, LLC.   (Verified) McAfee, LLC.
mDNSResponder.exe       1,940 K   5,900 K   3656   Bonjour Service   Apple Inc.   (Verified) Apple Inc.
mfefire.exe       4,096 K   10,004 K   6460   McAfee Core Firewall Service   McAfee, LLC   (Verified) McAfee, Inc.
mfevtps.exe       5,444 K   11,448 K   5572   McAfee Process Validation Service   McAfee, LLC   (Verified) McAfee, Inc.
MicrosoftEdge.exe   Suspended   25,780 K   24,892 K   1344   Microsoft Edge   Microsoft Corporation   (Verified) Microsoft Corporation
MicrosoftEdgeCP.exe   Suspended   5,732 K   21,848 K   12764   Microsoft Edge Content Process   Microsoft Corporation   (Verified) Microsoft Windows
MicrosoftEdgeSH.exe   Suspended   3,876 K   7,024 K   8432   Microsoft Edge Web Platform   Microsoft Corporation   (Verified) Microsoft Windows
MMSSHOST.exe       26,796 K   30,328 K   5460   McAfee Management Service Host   McAfee, LLC.   (Verified) McAfee, LLC.
ModuleCoreService.exe       10,484 K   7,296 K   704   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
nlssrv32.exe       2,160 K   6,948 K   4064   This service enables products that use the Nalpeiron Licensing System    Nalpeiron Ltd.   (Certificate expired) Nalpeiron Ltd.
OfficeClickToRun.exe       28,204 K   46,736 K   3704   Microsoft Office Click-to-Run (SxS)   Microsoft Corporation   (Verified) Microsoft Corporation
PEFService.exe       1,708 K   360 K   4076   McAfee PEF Service   McAfee, Inc.   (Verified) McAfee, LLC.
procexp.exe       5,268 K   11,012 K   12404   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
ProtectedModuleHost.exe       4,944 K   14,528 K   5680   McAfee Protected Module Host   McAfee, LLC.   (Verified) McAfee, LLC.
QtWebEngineProcess.exe       41,184 K   54,244 K   11768   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
RadeonSettings.exe       161,044 K   45,760 K   6264   Radeon Settings: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
Registry       9,408 K   30,336 K   88
RemindersServer.exe   Suspended   7,844 K   16,852 K   8612   Reminders WinRT OOP Server   Microsoft Corporation   (Verified) Microsoft Windows
RtkAudioService64.exe       1,800 K   7,576 K   2940   Realtek Audio Service   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
RtkBtManServ.exe       1,704 K   6,552 K   3836   Realtek Bluetooth BTDevManager Service Application   Realtek Semiconductor Corp.   (Verified) Microsoft Windows Hardware Compatibility Publisher
RtkNGUI64.exe       4,712 K   13,812 K   8660   Realtek HD Audio Manager   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
RtlS5Wake.exe       4,236 K   10,520 K   3816   Realtek WOWL Utility   Realtek   (Verified) Realtek Semiconductor Corp.
RuntimeBroker.exe       1,580 K   6,684 K   10740   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       3,980 K   18,008 K   7376   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       6,384 K   22,844 K   3432   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       4,272 K   21,164 K   2268   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       3,304 K   19,368 K   9904   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
RuntimeBroker.exe       8,304 K   23,432 K   8220   Runtime Broker   Microsoft Corporation   (Verified) Microsoft Windows
SearchUI.exe   Suspended   76,004 K   69,660 K   4028   Search and Cortana application   Microsoft Corporation   (Verified) Microsoft Windows
SecurityHealthService.exe       3,268 K   13,380 K   13296   Windows Security Health Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SettingSyncHost.exe       2,684 K   4,524 K   7304   Host Process for Setting Synchronization   Microsoft Corporation   (Verified) Microsoft Windows
SgrmBroker.exe       3,944 K   6,836 K   11788   System Guard Runtime Monitor Broker Service   Microsoft Corporation   (Verified) Microsoft Windows Publisher
smartscreen.exe       7,788 K   22,160 K   12852   Windows Defender SmartScreen   Microsoft Corporation   (Verified) Microsoft Windows
smss.exe       1,180 K   908 K   404   Windows Session Manager   Microsoft Corporation   (Verified) Microsoft Windows Publisher
spoolsv.exe       6,328 K   13,096 K   3224   Spooler SubSystem App   Microsoft Corporation   (Verified) Microsoft Windows
StartMenuExperienceHost.exe       31,732 K   54,268 K   6952           (Verified) Microsoft Windows
svchost.exe       952 K   3,696 K   260   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,876 K   6,768 K   1272   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,316 K   6,768 K   1280   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,012 K   9,148 K   1288   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,168 K   11,540 K   1436   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,268 K   7,104 K   1612   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,956 K   6,916 K   1660   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,132 K   7,468 K   1672   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,584 K   6,432 K   1736   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,604 K   5,824 K   2096   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,916 K   6,984 K   2276   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,140 K   7,824 K   2624   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,036 K   7,252 K   2664   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       9,660 K   16,136 K   3308   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,872 K   6,692 K   3516   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,824 K   6,516 K   3524   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,224 K   8,584 K   3676   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,704 K   5,596 K   4088   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,056 K   6,956 K   4220   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,384 K   5,008 K   4316   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,348 K   5,216 K   4352   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,844 K   12,116 K   4488   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,660 K   5,476 K   4928   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,692 K   8,212 K   5240   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,844 K   7,316 K   5348   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,448 K   4,812 K   5700   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,852 K   7,488 K   6252   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,916 K   8,940 K   6644   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,228 K   9,128 K   8384   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,752 K   16,264 K   8796   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,684 K   11,548 K   11124   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,068 K   11,820 K   5136   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,824 K   6,904 K   3324   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,708 K   7,120 K   10924   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,780 K   9,084 K   1904   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,644 K   6,192 K   4304   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,056 K   10,392 K   12564   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,764 K   11,200 K   1580   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,556 K   9,036 K   10644   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,364 K   7,220 K   2880   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,800 K   11,768 K   11700   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,124 K   7,220 K   2520   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,420 K   22,096 K   10084   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,768 K   20,280 K   4296   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,840 K   5,880 K   2076   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       7,220 K   19,012 K   5324   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,204 K   8,220 K   3068   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,936 K   9,604 K   1256   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,948 K   12,420 K   2196   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,044 K   14,712 K   3016   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,000 K   8,360 K   12472   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,344 K   25,248 K   5476   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       7,032 K   14,584 K   1300   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       22,236 K   32,136 K   8340   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,416 K   8,256 K   2412   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,788 K   12,688 K   2828   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,328 K   7,660 K   3896   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       6,096 K   13,956 K   1964   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,864 K   9,300 K   7080   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,044 K   5,924 K   4588   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,212 K   7,168 K   8828   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,488 K   5,512 K   1264   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,664 K   7,644 K   924   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       14,640 K   20,788 K   3780   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       3,648 K   14,428 K   5860   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       5,416 K   16,524 K   6204   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,952 K   13,544 K   3160   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       4,368 K   13,204 K   3736   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       1,380 K   5,512 K   2552   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,284 K   6,524 K   1816   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe       2,060 K   7,072 K   3348   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
SynTPEnhService.exe       3,492 K   8,344 K   2128   64-bit Synaptics Pointing Enhance Service   Synaptics Incorporated   (Verified) Synaptics Incorporated
SynTPHelper.exe       2,248 K   5,436 K   7100   Synaptics Pointing Device Helper   Synaptics Incorporated   (Verified) Synaptics Incorporated
taskhostw.exe       6,092 K   14,480 K   5900   Host Process for Windows Tasks   Microsoft Corporation   (Verified) Microsoft Windows
unsecapp.exe       1,380 K   6,352 K   5316   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
unsecapp.exe       1,444 K   6,596 K   11196   Sink to receive asynchronous callbacks for WMI client application   Microsoft Corporation   (Verified) Microsoft Windows
vidnotifier.exe       5,668 K   18,108 K   10044   Video Notifier   Digital Wave Ltd   (Verified) Digital Wave Ltd
wininit.exe       1,736 K   5,900 K   796   Windows Start-Up Application   Microsoft Corporation   (Verified) Microsoft Windows Publisher
winlogon.exe       2,572 K   8,880 K   916   Windows Log-on Application   Microsoft Corporation   (Verified) Microsoft Windows
wlanext.exe       1,980 K   6,436 K   3252   Windows Wireless LAN 802.11 Extensibility Framework   Microsoft Corporation   (Verified) Microsoft Windows
WmiPrvSE.exe       2,936 K   9,204 K   10676   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
YourPhone.exe   Suspended   13,860 K   29,776 K   8848           (No signature was present in the subject)
GWClient.exe   < 0.01   6,308 K   16,876 K   3804   e-Safe Compliance Client Service   Guardware Ltd   (Verified) Guardware Ltd.
RAVBg64.exe   < 0.01   6,428 K   14,060 K   5944   HD Audio Background Process   Realtek Semiconductor   (Verified) Realtek Semiconductor Corp.
Memory Compression   < 0.01   432 K   122,736 K   2632
Dropbox.exe   < 0.01   2,600 K   10,140 K   10728   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
firefox.exe   < 0.01   63,232 K   79,924 K   9916   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
svchost.exe   < 0.01   4,116 K   15,972 K   11128   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ApplicationFrameHost.exe   < 0.01   10,616 K   30,700 K   10944   Application Frame Host   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   < 0.01   3,656 K   9,900 K   5052   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
ijplmsvc.exe   < 0.01   3,124 K   8,656 K   3880   Inkjet Printer/Scanner/Fax Extended Survey Program Service       (Verified) Canon Inc.
svchost.exe   < 0.01   7,876 K   14,872 K   556   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
sihost.exe   < 0.01   6,068 K   23,132 K   5292   Shell Infrastructure Host   Microsoft Corporation   (Verified) Microsoft Windows
SynTPEnh.exe   0.01   7,820 K   11,420 K   5912   Synaptics TouchPad 64-bit Enhancements   Synaptics Incorporated   (Verified) Synaptics Incorporated
svchost.exe   0.01   13,212 K   28,744 K   576   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.01   19,160 K   15,480 K   1308   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
lsass.exe   0.01   7,312 K   15,484 K   876   Local Security Authority Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
QtWebEngineProcess.exe   0.01   29,112 K   49,016 K   12068   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
AGMService.exe   0.02   2,452 K   8,812 K   3604   Adobe Genuine Software Service   Adobe Systems, Incorporated   (Verified) Adobe Inc.
ModuleCoreService.exe   0.02   30,328 K   13,692 K   3992   McAfee Module Core Service   McAfee, LLC.   (Verified) McAfee, LLC
QtWebEngineProcess.exe   0.03   43,056 K   55,560 K   12056   Qt Qtwebengineprocess   The Qt Company Ltd.   (Verified) Dropbox, Inc
mfemms.exe   0.03   3,864 K   7,796 K   3924   McAfee Management Service   McAfee, LLC   (Verified) McAfee, Inc.
EOSUPNPSV.exe   0.03   3,604 K   9,536 K   8972   Canon EOS UPNP Detector   CANON INC.   (Verified) Canon Inc.
uihost.exe   0.04   5,224 K   1,116 K   9736   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
amddvr.exe   0.04   171,696 K   14,236 K   1928   AMD ReLive: Host Application   Advanced Micro Devices, Inc.   (Verified) Advanced Micro Devices, Inc.
services.exe   0.04   5,752 K   8,624 K   860   Services and Controller app   Microsoft Corporation   (Verified) Microsoft Windows Publisher
mcapexe.exe   0.04   4,380 K   1,972 K   9708   McAfee Access Protection   McAfee, LLC   (Verified) McAfee, LLC.
psi_tray.exe   0.05   1,420 K   6,428 K   7808   Secunia PSI Tray   Secunia   (Verified) Secunia
SearchIndexer.exe   0.05   25,260 K   17,256 K   7800   Microsoft Windows Search Indexer   Microsoft Corporation   (Verified) Microsoft Windows
svchost.exe   0.06   3,176 K   7,512 K   2312   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
EOS Utility.exe   0.06   26,608 K   28,472 K   4240   EOS Utility   Canon INC.   (Verified) Canon Inc.
firefox.exe   0.07   155,260 K   179,400 K   10436   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
servicehost.exe   0.13   9,448 K   7,276 K   6248   McAfee WebAdvisor   McAfee, Inc.   (Verified) McAfee, LLC
svchost.exe   0.15   37,124 K   45,900 K   2532   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
svchost.exe   0.20   4,864 K   11,212 K   1796   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
csrss.exe   0.26   2,556 K   4,880 K   804   Client Server Runtime Process   Microsoft Corporation   (Verified) Microsoft Windows Publisher
GWW.exe   0.28   45,572 K   32,276 K   9724   e-Safe Compliance Client Application   Guardware Ltd.   (Verified) Guardware Ltd.
express.exe   0.38   45,296 K   85,996 K   536   Garmin Express   Garmin Ltd. or its subsidiaries   (Verified) Garmin International, Inc.
explorer.exe   0.39   42,184 K   97,468 K   7060   Windows Explorer   Microsoft Corporation   (Verified) Microsoft Windows
Dropbox.exe   0.46   188,020 K   233,548 K   9148   Dropbox   Dropbox, Inc.   (Verified) Dropbox, Inc
svchost.exe   0.52   13,028 K   22,316 K   3888   Host Process for Windows Services   Microsoft Corporation   (Verified) Microsoft Windows Publisher
firefox.exe   0.54   116,736 K   133,004 K   10336   Firefox   Mozilla Corporation   (Verified) Mozilla Corporation
dwm.exe   0.61   47,528 K   51,784 K   1060   Desktop Window Manager   Microsoft Corporation   (Verified) Microsoft Windows
Interrupts   0.87   0 K   0 K   n/a   Hardware Interrupts and DPCs
System   1.48   204 K   1,412 K   4
MfeAVSvc.exe   7.36   27,564 K   28,036 K   9984   McAfee Cloud AV   McAfee, LLC.   (Verified) McAfee, LLC.
procexp64.exe   8.48   33,780 K   65,660 K   10048   Sysinternals Process Explorer   Sysinternals - www.sysinternals.com   (Verified) Microsoft Corporation
WmiPrvSE.exe   22.83   8,904 K   16,576 K   5488   WMI Provider Host   Microsoft Corporation   (Verified) Microsoft Windows
System Idle Process   54.40   60 K   8 K   0