Earlier today, I was streaming a video on a site. However, to be able to watch the video I had to pause my adblock and by the end of the hour long video, I have noticed that many chrome windows have opened in the background due to ads. I didn't think much of it at first, but almost instantly I noticed a huge difference in my computer speed. My steam would take about 3 seconds to respond to any clicks, my discord would pause for a few seconds before it would load all of the texts I have typed, and just random clicks in general on my computer would take a few seconds to register. I have restarted my computer and the pauses were still there. I have ran Malwarebytes but the scans showed nothing. I'm not sure if this is due to my computer getting old but I just wanted to make sure. Thanks in advance!
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.15063.0
Run by Crystal at 19:59:09 on 2017-07-24
Microsoft Windows 10 Enterprise 10.0.15063.0.1252.1.1033.18.16274.13689 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\Crystal\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
D:\Program Files\Corsair\Corsair Utility Engine\CUE.exe
D:\Program Files\ShareX\ShareX.exe
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
D:\Anti-Malware\mbamservice.exe
D:\Anti-Malware\mbamtray.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.25.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s QWAVE
C:\ProgramData\Battle.net\Agent\Agent.5725\Agent.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [Steam] "D:\Steam\steam.exe" -silent
uRun: [Discord] C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
uRun: [Spotify] C:\Users\Crystal\AppData\Roaming\Spotify\Spotify.exe --autostart
uRun: [Spotify Web Helper] C:\Users\Crystal\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
mRun: [Corsair Utility Engine] "D:\Program Files\Corsair\Corsair Utility Engine\CUE.exe" --autorun
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
StartupFolder: C:\Users\Crystal\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ShareX.lnk - D:\Program Files\ShareX\ShareX.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{f0e83e58-8766-4927-a2e2-43f894ea7516} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Malwarebytes TrayApp] D:\ANTI-MALWARE\mbamtray.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-3-18 74840]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-3-18 49568]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-3-18 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-3-18 70232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-3-18 18520]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-3-18 208288]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-3-18 239616]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2017-7-24 77376]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-3-18 54272]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-3-18 8192]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R2 CDPUserSvc_5550c;Connected Devices Platform User Service_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2017-3-18 14336]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2017-3-18 47664]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2017-3-18 47664]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-11-2 373744]
R2 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MBAMChameleon.sys [2017-7-24 188352]
R2 MBAMService;Malwarebytes Service;D:\Anti-Malware\MBAMService.exe [2017-7-24 4470736]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-3-21 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-6-17 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-3-21 450168]
R2 OneSyncSvc_5550c;Sync Host_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2016-9-24 189264]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2017-6-17 44144]
R2 rzpnk;rzpnk;C:\WINDOWS\System32\drivers\rzpnk.sys [2017-6-17 137840]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2017-7-11 336320]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-3-18 79872]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-6-28 142752]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 WpnUserService_5550c;Windows Push Notifications User Service_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 CorsairVBusDriver;Corsair Bus;C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [2017-1-31 43000]
R3 CorsairVHidDriver;Corsair virtual device;C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [2017-1-31 27640]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-9-5 131712]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 lvrs64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\drivers\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem19.inf,%PID_081A_DD%(UVC);Logitech Webcam C260(UVC);C:\WINDOWS\System32\drivers\lvuvc64.sys [2012-10-26 4758176]
R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2017-7-24 101784]
R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2017-7-24 45472]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2017-7-24 253856]
R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2017-7-24 93600]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-3-18 20992]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2017-3-21 48248]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2017-3-21 57976]
R3 rzdaendpt;Razer DeathAdder end point;C:\WINDOWS\System32\drivers\rzdaendpt.sys [2015-8-13 43720]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2015-8-13 202952]
R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\WINDOWS\System32\drivers\rzvkeyboard.sys [2015-8-13 44232]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-9-5 165504]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R3 TokenBroker;TokenBroker;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-3-18 121248]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-3-18 342264]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-3-18 220672]
R3 XtuAcpiDriver;Intel(R) Extreme Tuning Utility Service;C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [2015-6-6 63840]
S2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-3-18 12288]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2017-3-18 47664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-2-27 317400]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-3-18 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-3-18 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-3-18 17920]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2017-3-18 47664]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2017-3-18 127904]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2017-3-18 161696]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2017-3-18 143776]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-3-18 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-7-9 1522184]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-3-18 47664]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-3-18 39424]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-3-18 53664]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-3-18 122880]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-3-18 347032]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-3-18 2104224]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 DevicesFlowUserSvc_5550c;DevicesFlow_5550c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-3-18 47664]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-3-18 86528]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-3-18 47664]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-3-18 21504]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-3-18 51104]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-3-18 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-3-18 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-3-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-3-18 85504]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-3-18 165376]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-3-18 168448]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-3-18 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-3-18 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-3-18 673184]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-3-18 526240]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-3-18 36864]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-3-18 123808]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-3-18 103328]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-3-18 405408]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-3-18 51104]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-3-18 64416]
S3 MessagingService_5550c;MessagingService_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-3-18 842656]
S3 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2017-3-18 230816]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-3-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-3-18 122368]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-6-17 118784]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\System32\GameMon.des -service --> C:\WINDOWS\System32\GameMon.des -service [?]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-3-21 495224]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-3-18 80896]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-7-14 30328]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-3-18 58784]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-3-18 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 PimIndexMaintenanceSvc_5550c;Contact Data_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-3-18 1735584]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-3-18 936864]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-3-18 47664]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-3-18 91040]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-3-18 31128]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-3-18 3913064]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-3-18 1284608]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-3-18 154016]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-3-18 47664]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-3-18 40352]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2017-3-18 891904]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-3-18 95648]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-3-18 36760]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-3-18 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-3-18 104448]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-3-18 179200]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-3-18 51712]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-3-18 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-3-18 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-3-18 263584]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-3-18 98712]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-3-18 138656]
S3 UnistoreSvc_5550c;User Data Storage_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-3-18 29600]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-3-18 59288]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-3-18 28064]
S3 UserDataSvc_5550c;User Data Access_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-3-18 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-3-18 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-3-18 72192]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-6-28 757248]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-3-18 47664]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-3-18 32160]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-3-18 217088]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-3-18 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 wlpasvc;LPA Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-6-17 277504]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-3-18 46592]
S3 YSDrv;VBox Support Driver;C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [2017-4-4 270608]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2017-7-11 846752]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2017-3-18 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2017-3-18 1200640]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-07-24 23:32:00 188352 ----a-w- C:\WINDOWS\System32\drivers\MBAMChameleon.sys
2017-07-24 23:31:53 93600 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2017-07-24 23:31:53 101784 ----a-w- C:\WINDOWS\System32\drivers\farflt.sys
2017-07-24 23:31:49 45472 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2017-07-24 23:31:47 253856 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2017-07-24 23:31:44 77376 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2017-07-24 23:31:39 -------- d-----w- C:\ProgramData\Malwarebytes
2017-07-24 21:48:38 44928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D823137E-664B-49B2-971C-54C5614B29D5}\MpKsldad9bbb7.sys
2017-07-24 21:48:27 13476768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D823137E-664B-49B2-971C-54C5614B29D5}\mpengine.dll
2017-07-24 10:30:31 13476768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2017-07-15 00:50:48 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2017-07-15 00:50:46 179320 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2017-07-15 00:50:46 146552 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2017-07-11 22:37:58 8211968 ----a-w- C:\WINDOWS\System32\mstscax.dll
2017-07-09 19:43:27 -------- d-----w- C:\Users\Crystal\AppData\Local\UnrealEngine
2017-07-09 19:43:27 -------- d-----w- C:\Users\Crystal\AppData\Local\TslGame
2017-07-09 19:43:22 -------- d-----w- C:\Program Files (x86)\Common Files\BattlEye
2017-06-28 06:15:28 -------- d-----w- C:\Users\Crystal\AppData\Local\DBG
2017-06-28 04:23:14 2132480 ----a-w- C:\WINDOWS\SysWow64\mssrch.dll
2017-06-28 04:23:13 2679296 ----a-w- C:\WINDOWS\SysWow64\SRH.dll
2017-06-28 04:23:13 2671616 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2017-06-28 04:23:12 2597888 ----a-w- C:\WINDOWS\System32\mssrch.dll
2017-06-28 04:23:11 1451008 ----a-w- C:\WINDOWS\SysWow64\UIAutomationCore.dll
2017-06-28 04:23:06 3332096 ----a-w- C:\WINDOWS\System32\SRH.dll
2017-06-28 04:21:55 3667456 ----a-w- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
2017-06-28 04:20:58 6554928 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2017-06-28 04:20:30 2681760 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2017-06-28 04:20:25 847872 ----a-w- C:\WINDOWS\System32\bisrv.dll
2017-06-28 04:20:17 2938880 ----a-w- C:\WINDOWS\System32\InputService.dll
2017-06-28 04:18:59 985600 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2017-06-25 13:27:56 26942720 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2017-06-25 13:24:24 37559040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
.
==================== Find3M ====================
.
2017-07-24 23:28:39 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-07 14:00:12 947712 ----a-w- C:\WINDOWS\System32\HoloSI.PCShell.dll
2017-07-07 07:27:41 750560 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2017-07-07 07:27:37 965024 ----a-w- C:\WINDOWS\System32\hvloader.efi
2017-07-07 07:27:35 821664 ----a-w- C:\WINDOWS\System32\hvloader.exe
2017-07-07 07:27:35 1024928 ----a-w- C:\WINDOWS\System32\hvax64.exe
2017-07-07 07:27:32 1147288 ----a-w- C:\WINDOWS\System32\hvix64.exe
2017-07-07 07:26:00 1065104 ----a-w- C:\WINDOWS\System32\winresume.efi
2017-07-07 07:25:40 899824 ----a-w- C:\WINDOWS\System32\winresume.exe
2017-07-07 07:24:00 117664 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2017-07-07 07:23:03 2399728 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2017-07-07 07:22:45 1186464 ----a-w- C:\WINDOWS\System32\winload.exe
2017-07-07 07:22:32 8318880 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2017-07-07 07:22:11 119384 ----a-w- C:\WINDOWS\System32\dmcmnutils.dll
2017-07-07 07:21:28 32688336 ----a-w- C:\WINDOWS\System32\WindowsCodecsRaw.dll
2017-07-07 07:21:07 2969880 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2017-07-07 07:20:52 382368 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys
2017-07-07 07:20:23 2021680 ----a-w- C:\WINDOWS\System32\wmpmde.dll
2017-07-07 07:20:19 923040 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2017-07-07 07:20:19 519584 ----a-w- C:\WINDOWS\System32\drivers\netio.sys
2017-07-07 07:17:42 1017760 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2017-07-07 07:15:09 2444696 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-07-07 07:14:55 1760264 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2017-07-07 07:14:39 7325584 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2017-07-07 07:14:31 1171032 ----a-w- C:\WINDOWS\System32\dcomp.dll
2017-07-07 07:14:30 5477088 ----a-w- C:\WINDOWS\System32\OneCoreUAPCommonProxyStub.dll
2017-07-07 07:13:20 554392 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2017-07-07 07:13:19 872472 ----a-w- C:\WINDOWS\System32\ClipSVC.dll
2017-07-07 07:13:13 147800 ----a-w- C:\WINDOWS\System32\Clipc.dll
2017-07-07 07:13:07 336320 ----a-w- C:\WINDOWS\System32\SecurityHealthService.exe
2017-07-07 07:12:57 228256 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2017-07-07 07:12:43 411040 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2017-07-07 07:12:23 318232 ----a-w- C:\WINDOWS\System32\wininit.exe
2017-07-07 07:11:14 94624 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2017-07-07 07:11:12 7904784 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2017-07-07 07:10:50 1670496 ----a-w- C:\WINDOWS\System32\winmde.dll
2017-07-07 07:10:40 254168 ----a-w- C:\WINDOWS\System32\mfps.dll
2017-07-07 07:10:37 1337848 ----a-w- C:\WINDOWS\System32\AudioEng.dll
2017-07-07 07:10:26 1325968 ----a-w- C:\WINDOWS\System32\ole32.dll
2017-07-07 07:10:00 372128 ----a-w- C:\WINDOWS\System32\CloudExperienceHost.dll
2017-07-07 07:09:24 41376 ----a-w- C:\WINDOWS\System32\wininitext.dll
2017-07-07 07:07:47 1106848 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2017-07-07 07:07:38 58488 ----a-w- C:\WINDOWS\System32\lsass.exe
2017-07-07 06:57:25 626528 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2017-07-07 06:57:23 125344 ----a-w- C:\WINDOWS\SysWow64\dwmapi.dll
2017-07-07 06:40:44 23677440 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2017-07-07 06:39:10 96128 ----a-w- C:\WINDOWS\SysWow64\dmcmnutils.dll
2017-07-07 06:39:01 1839872 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2017-07-07 06:37:56 31652264 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecsRaw.dll
2017-07-07 06:37:56 2259760 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2017-07-07 06:37:24 1339352 ----a-w- C:\WINDOWS\SysWow64\wmpmde.dll
2017-07-07 06:31:24 129184 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2017-07-07 06:31:19 1518088 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2017-07-07 06:31:01 5820984 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2017-07-07 06:31:00 322976 ----a-w- C:\WINDOWS\apppatch\AcRes.dll
2017-07-07 06:30:56 750496 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2017-07-07 06:30:55 949920 ----a-w- C:\WINDOWS\SysWow64\dcomp.dll
2017-07-07 06:29:31 123520 ----a-w- C:\WINDOWS\SysWow64\Clipc.dll
2017-07-07 06:29:06 349600 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2017-07-07 06:27:57 3670016 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2017-07-07 06:27:53 859136 ----a-w- C:\WINDOWS\System32\uDWM.dll
2017-07-07 06:27:51 1050624 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
2017-07-07 06:27:28 1640448 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2017-07-07 06:27:23 360960 ----a-w- C:\WINDOWS\System32\ConhostV2.dll
2017-07-07 06:27:21 6759512 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2017-07-07 06:27:17 577024 ----a-w- C:\WINDOWS\System32\duser.dll
2017-07-07 06:27:00 443392 ----a-w- C:\WINDOWS\System32\PerceptionSimulationExtensions.dll
2017-07-07 06:26:52 1529384 ----a-w- C:\WINDOWS\SysWow64\winmde.dll
2017-07-07 06:26:51 1195240 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll
2017-07-07 06:26:36 988168 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2017-07-07 06:26:09 17364992 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2017-07-07 06:25:37 35232 ----a-w- C:\WINDOWS\SysWow64\wininitext.dll
2017-07-07 06:25:29 2199552 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
2017-07-07 06:24:51 1517472 ----a-w- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
2017-07-07 06:24:13 114688 ----a-w- C:\WINDOWS\System32\officecsp.dll
2017-07-07 06:23:50 95232 ----a-w- C:\WINDOWS\System32\wudriver.dll
2017-07-07 06:23:46 583160 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2017-07-07 06:23:35 110592 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2017-07-07 06:23:20 113152 ----a-w- C:\WINDOWS\System32\wuuhosdeployment.dll
2017-07-07 06:23:17 29696 ----a-w- C:\WINDOWS\System32\eapprovp.dll
2017-07-07 06:22:55 7931392 ----a-w- C:\WINDOWS\System32\twinui.dll
2017-07-07 06:22:08 520704 ----a-w- C:\WINDOWS\System32\daxexec.dll
2017-07-07 06:21:56 64512 ----a-w- C:\WINDOWS\System32\winsrv.dll
2017-07-07 06:21:18 96256 ----a-w- C:\WINDOWS\System32\ActiveSyncCsp.dll
2017-07-07 06:20:59 8331264 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2017-07-07 06:20:13 175616 ----a-w- C:\WINDOWS\System32\prntvpt.dll
2017-07-07 06:19:47 137216 ----a-w- C:\WINDOWS\System32\raschap.dll
2017-07-07 06:19:46 256000 ----a-w- C:\WINDOWS\System32\domgmt.dll
2017-07-07 06:19:38 527360 ----a-w- C:\WINDOWS\System32\aadcloudap.dll
2017-07-07 06:19:26 165888 ----a-w- C:\WINDOWS\System32\storewuauth.dll
2017-07-07 06:19:02 7149056 ----a-w- C:\WINDOWS\System32\mos.dll
2017-07-07 06:18:55 7336448 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2017-07-07 06:18:36 548864 ----a-w- C:\WINDOWS\System32\SensorService.dll
2017-07-07 06:18:34 274944 ----a-w- C:\WINDOWS\System32\WindowsCodecsExt.dll
2017-07-07 06:18:18 563712 ----a-w- C:\WINDOWS\System32\DevicePairing.dll
2017-07-07 06:18:16 353280 ----a-w- C:\WINDOWS\System32\Wldap32.dll
2017-07-07 06:17:46 1260544 ----a-w- C:\WINDOWS\System32\GamePanel.exe
2017-07-07 06:17:45 422400 ----a-w- C:\WINDOWS\System32\WpAXHolder.dll
2017-07-07 06:17:34 692736 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2017-07-07 06:17:30 229888 ----a-w- C:\WINDOWS\System32\SIHClient.exe
.
============= FINISH: 19:59:22.07 ===============
DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.15063.0
Run by Crystal at 19:59:09 on 2017-07-24
Microsoft Windows 10 Enterprise 10.0.15063.0.1252.1.1033.18.16274.13689 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss
c:\windows\system32\svchost.exe -k dcomlaunch -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s TimeBrokerSvc
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -s Schedule
c:\windows\system32\svchost.exe -k localservice -s nsi
c:\windows\system32\svchost.exe -k netsvcs -s ProfSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s Dhcp
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k networkservice -s NlaSvc
c:\windows\system32\svchost.exe -k netsvcs -s UserManager
c:\windows\system32\svchost.exe -k netsvcs -s Themes
c:\windows\system32\svchost.exe -k localservice -s EventSystem
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
c:\windows\system32\svchost.exe -k localservice -s netprofm
c:\windows\system32\svchost.exe -k appmodel -s StateRepository
c:\windows\system32\svchost.exe -k netsvcs -s SENS
C:\WINDOWS\system32\igfxCUIService.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -s Winmgmt
c:\windows\system32\svchost.exe -k networkservice -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
c:\windows\system32\svchost.exe -k localservice -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k netsvcs -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -s DPS
c:\windows\system32\svchost.exe -k netsvcs -s iphlpsvc
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -s LanmanServer
C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s SysMain
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s TrkWks
c:\windows\system32\svchost.exe -k appmodel -s tiledatamodelsvc
c:\windows\system32\svchost.exe -k netsvcs -s WpnService
c:\windows\system32\svchost.exe -k localservice -s WdiServiceHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s DeviceAssociationService
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k localservice -s CDPSvc
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s SSDPSRV
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s wscsvc
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -s TokenBroker
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\igfxEM.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvspcaps64.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Users\Crystal\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
D:\Program Files\Corsair\Corsair Utility Engine\CUE.exe
D:\Program Files\ShareX\ShareX.exe
c:\windows\system32\svchost.exe -k netsvcs -s lfsvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
c:\windows\system32\svchost.exe -k netsvcs -s Appinfo
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s WdiSystemHost
D:\Anti-Malware\mbamservice.exe
D:\Anti-Malware\mbamtray.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -s StorSvc
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11706.1001.25.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.17062.12911.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2017.18062.13720.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -s QWAVE
C:\ProgramData\Battle.net\Agent\Agent.5725\Agent.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL
uRun: [Steam] "D:\Steam\steam.exe" -silent
uRun: [Discord] C:\Users\Crystal\AppData\Local\Discord\app-0.0.297\Discord.exe
uRun: [Spotify] C:\Users\Crystal\AppData\Roaming\Spotify\Spotify.exe --autostart
uRun: [Spotify Web Helper] C:\Users\Crystal\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
mRun: [Corsair Utility Engine] "D:\Program Files\Corsair\Corsair Utility Engine\CUE.exe" --autorun
mRun: [Razer Synapse] "C:\Program Files (x86)\Razer\Synapse\RzSynapse.exe"
StartupFolder: C:\Users\Crystal\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ShareX.lnk - D:\Program Files\ShareX\ShareX.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{f0e83e58-8766-4927-a2e2-43f894ea7516} : DHCPNameServer = 192.168.0.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files (x86)\Microsoft Office\Office15\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [Malwarebytes TrayApp] D:\ANTI-MALWARE\mbamtray.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office15\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office15\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\59.0.3071.115\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-3-18 74840]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-3-18 49568]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-3-18 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-3-18 70232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-3-18 18520]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-3-18 208288]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-3-18 239616]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit;C:\WINDOWS\System32\drivers\mbae64.sys [2017-7-24 77376]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-3-18 54272]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-3-18 8192]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
R2 CDPUserSvc_5550c;Connected Devices Platform User Service_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2017-3-18 14336]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2017-3-18 47664]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2017-3-18 47664]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-11-2 373744]
R2 MBAMChameleon;MBAMChameleon;C:\WINDOWS\System32\drivers\MBAMChameleon.sys [2017-7-24 188352]
R2 MBAMService;Malwarebytes Service;D:\Anti-Malware\MBAMService.exe [2017-7-24 4470736]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-3-21 495224]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-6-17 462968]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-3-21 450168]
R2 OneSyncSvc_5550c;Sync Host_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R2 Razer Game Scanner Service;Razer Game Scanner;C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [2016-9-24 189264]
R2 rzpmgrk;rzpmgrk;C:\WINDOWS\System32\drivers\rzpmgrk.sys [2017-6-17 44144]
R2 rzpnk;rzpnk;C:\WINDOWS\System32\drivers\rzpnk.sys [2017-6-17 137840]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2017-7-11 336320]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-3-18 79872]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-6-28 142752]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R2 WpnUserService_5550c;Windows Push Notifications User Service_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
R3 CorsairVBusDriver;Corsair Bus;C:\WINDOWS\System32\drivers\CorsairVBusDriver.sys [2017-1-31 43000]
R3 CorsairVHidDriver;Corsair virtual device;C:\WINDOWS\System32\drivers\CorsairVHidDriver.sys [2017-1-31 27640]
R3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-9-5 131712]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 lvrs64;Logitech RightSound Filter Driver;C:\WINDOWS\System32\drivers\lvrs64.sys [2012-10-26 351520]
R3 LVUVC64;@oem19.inf,%PID_081A_DD%(UVC);Logitech Webcam C260(UVC);C:\WINDOWS\System32\drivers\lvuvc64.sys [2012-10-26 4758176]
R3 MBAMFarflt;MBAMFarflt;C:\WINDOWS\System32\drivers\farflt.sys [2017-7-24 101784]
R3 MBAMProtection;MBAMProtection;C:\WINDOWS\System32\drivers\mbam.sys [2017-7-24 45472]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2017-7-24 253856]
R3 MBAMWebProtection;MBAMWebProtection;C:\WINDOWS\System32\drivers\mwac.sys [2017-7-24 93600]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-3-18 20992]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2017-3-21 48248]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2017-3-21 57976]
R3 rzdaendpt;Razer DeathAdder end point;C:\WINDOWS\System32\drivers\rzdaendpt.sys [2015-8-13 43720]
R3 rzudd;Razer Mouse Driver;C:\WINDOWS\System32\drivers\rzudd.sys [2015-8-13 202952]
R3 rzvkeyboard;Razer Virtual Keyboard Driver;C:\WINDOWS\System32\drivers\rzvkeyboard.sys [2015-8-13 44232]
R3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-9-5 165504]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
R3 TokenBroker;TokenBroker;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-3-18 121248]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-3-18 342264]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-3-18 220672]
R3 XtuAcpiDriver;Intel(R) Extreme Tuning Utility Service;C:\WINDOWS\System32\drivers\XtuAcpiDriver.sys [2015-6-6 63840]
S2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-3-18 12288]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2017-3-18 47664]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2017-2-27 317400]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-3-18 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-3-18 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-3-18 17920]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2017-3-18 47664]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2017-3-18 127904]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2017-3-18 161696]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2017-3-18 143776]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-3-18 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-7-9 1522184]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-3-18 47664]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-3-18 39424]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-3-18 53664]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-3-18 122880]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-3-18 347032]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-3-18 2104224]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2017-3-18 47664]
S3 DevicesFlowUserSvc_5550c;DevicesFlow_5550c;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-3-18 47664]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-3-18 86528]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-3-18 47664]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-3-18 21504]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-3-18 51104]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-3-18 33280]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-3-18 81408]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-3-18 70656]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-3-18 85504]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-3-18 165376]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-3-18 168448]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-3-18 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-3-18 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-3-18 673184]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-3-18 526240]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-3-18 36864]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-3-18 123808]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-3-18 103328]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-3-18 405408]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-3-18 51104]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-3-18 64416]
S3 MessagingService_5550c;MessagingService_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-3-18 842656]
S3 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2017-3-18 230816]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-3-18 108960]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-3-18 122368]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-6-17 118784]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 npggsvc;nProtect GameGuard Service;C:\WINDOWS\System32\GameMon.des -service --> C:\WINDOWS\System32\GameMon.des -service [?]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-3-21 495224]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-3-18 80896]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2017-7-14 30328]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2014-1-23 178760]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-3-18 58784]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-3-18 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 PimIndexMaintenanceSvc_5550c;Contact Data_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-3-18 1735584]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-3-18 936864]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-3-18 47664]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-3-18 91040]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-3-18 31128]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2017-3-18 3913064]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-3-18 1284608]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-3-18 154016]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-3-18 47664]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-3-18 40352]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2017-3-18 891904]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-3-18 95648]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-3-18 36760]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-3-18 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-3-18 104448]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-3-18 179200]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-3-18 51712]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-3-18 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-3-18 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-3-18 263584]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-3-18 98712]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-3-18 138656]
S3 UnistoreSvc_5550c;User Data Storage_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-3-18 29600]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-3-18 59288]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-3-18 28064]
S3 UserDataSvc_5550c;User Data Access_5550c;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-3-18 47664]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-3-18 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-3-18 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-3-18 47664]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2017-3-18 47664]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-3-18 72192]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-6-28 757248]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-3-18 47664]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-3-18 47664]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-3-18 32160]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-3-18 217088]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-3-18 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 wlpasvc;LPA Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-6-17 277504]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-3-18 46592]
S3 YSDrv;VBox Support Driver;C:\Program Files (x86)\Bignox\BigNoxVM\RT\YSDrv.sys [2017-4-4 270608]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2017-7-11 846752]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-3-18 47664]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2017-3-18 47664]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2017-3-18 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2017-3-18 1200640]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-07-24 23:32:00 188352 ----a-w- C:\WINDOWS\System32\drivers\MBAMChameleon.sys
2017-07-24 23:31:53 93600 ----a-w- C:\WINDOWS\System32\drivers\mwac.sys
2017-07-24 23:31:53 101784 ----a-w- C:\WINDOWS\System32\drivers\farflt.sys
2017-07-24 23:31:49 45472 ----a-w- C:\WINDOWS\System32\drivers\mbam.sys
2017-07-24 23:31:47 253856 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys
2017-07-24 23:31:44 77376 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2017-07-24 23:31:39 -------- d-----w- C:\ProgramData\Malwarebytes
2017-07-24 21:48:38 44928 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D823137E-664B-49B2-971C-54C5614B29D5}\MpKsldad9bbb7.sys
2017-07-24 21:48:27 13476768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{D823137E-664B-49B2-971C-54C5614B29D5}\mpengine.dll
2017-07-24 10:30:31 13476768 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2017-07-15 00:50:48 -------- d-----w- C:\WINDOWS\LastGood.Tmp
2017-07-15 00:50:46 179320 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2017-07-15 00:50:46 146552 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2017-07-11 22:37:58 8211968 ----a-w- C:\WINDOWS\System32\mstscax.dll
2017-07-09 19:43:27 -------- d-----w- C:\Users\Crystal\AppData\Local\UnrealEngine
2017-07-09 19:43:27 -------- d-----w- C:\Users\Crystal\AppData\Local\TslGame
2017-07-09 19:43:22 -------- d-----w- C:\Program Files (x86)\Common Files\BattlEye
2017-06-28 06:15:28 -------- d-----w- C:\Users\Crystal\AppData\Local\DBG
2017-06-28 04:23:14 2132480 ----a-w- C:\WINDOWS\SysWow64\mssrch.dll
2017-06-28 04:23:13 2679296 ----a-w- C:\WINDOWS\SysWow64\SRH.dll
2017-06-28 04:23:13 2671616 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2017-06-28 04:23:12 2597888 ----a-w- C:\WINDOWS\System32\mssrch.dll
2017-06-28 04:23:11 1451008 ----a-w- C:\WINDOWS\SysWow64\UIAutomationCore.dll
2017-06-28 04:23:06 3332096 ----a-w- C:\WINDOWS\System32\SRH.dll
2017-06-28 04:21:55 3667456 ----a-w- C:\WINDOWS\SysWow64\D3DCompiler_47.dll
2017-06-28 04:20:58 6554928 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2017-06-28 04:20:30 2681760 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2017-06-28 04:20:25 847872 ----a-w- C:\WINDOWS\System32\bisrv.dll
2017-06-28 04:20:17 2938880 ----a-w- C:\WINDOWS\System32\InputService.dll
2017-06-28 04:18:59 985600 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2017-06-25 13:27:56 26942720 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
2017-06-25 13:24:24 37559040 ----a-w- C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSO.DLL
.
==================== Find3M ====================
.
2017-07-24 23:28:39 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2017-07-07 14:00:12 947712 ----a-w- C:\WINDOWS\System32\HoloSI.PCShell.dll
2017-07-07 07:27:41 750560 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe
2017-07-07 07:27:37 965024 ----a-w- C:\WINDOWS\System32\hvloader.efi
2017-07-07 07:27:35 821664 ----a-w- C:\WINDOWS\System32\hvloader.exe
2017-07-07 07:27:35 1024928 ----a-w- C:\WINDOWS\System32\hvax64.exe
2017-07-07 07:27:32 1147288 ----a-w- C:\WINDOWS\System32\hvix64.exe
2017-07-07 07:26:00 1065104 ----a-w- C:\WINDOWS\System32\winresume.efi
2017-07-07 07:25:40 899824 ----a-w- C:\WINDOWS\System32\winresume.exe
2017-07-07 07:24:00 117664 ----a-w- C:\WINDOWS\System32\drivers\pdc.sys
2017-07-07 07:23:03 2399728 ----a-w- C:\WINDOWS\System32\KernelBase.dll
2017-07-07 07:22:45 1186464 ----a-w- C:\WINDOWS\System32\winload.exe
2017-07-07 07:22:32 8318880 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2017-07-07 07:22:11 119384 ----a-w- C:\WINDOWS\System32\dmcmnutils.dll
2017-07-07 07:21:28 32688336 ----a-w- C:\WINDOWS\System32\WindowsCodecsRaw.dll
2017-07-07 07:21:07 2969880 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2017-07-07 07:20:52 382368 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys
2017-07-07 07:20:23 2021680 ----a-w- C:\WINDOWS\System32\wmpmde.dll
2017-07-07 07:20:19 923040 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2017-07-07 07:20:19 519584 ----a-w- C:\WINDOWS\System32\drivers\netio.sys
2017-07-07 07:17:42 1017760 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2017-07-07 07:15:09 2444696 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2017-07-07 07:14:55 1760264 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2017-07-07 07:14:39 7325584 ----a-w- C:\WINDOWS\System32\windows.storage.dll
2017-07-07 07:14:31 1171032 ----a-w- C:\WINDOWS\System32\dcomp.dll
2017-07-07 07:14:30 5477088 ----a-w- C:\WINDOWS\System32\OneCoreUAPCommonProxyStub.dll
2017-07-07 07:13:20 554392 ----a-w- C:\WINDOWS\System32\drivers\USBHUB3.SYS
2017-07-07 07:13:19 872472 ----a-w- C:\WINDOWS\System32\ClipSVC.dll
2017-07-07 07:13:13 147800 ----a-w- C:\WINDOWS\System32\Clipc.dll
2017-07-07 07:13:07 336320 ----a-w- C:\WINDOWS\System32\SecurityHealthService.exe
2017-07-07 07:12:57 228256 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb20.sys
2017-07-07 07:12:43 411040 ----a-w- C:\WINDOWS\System32\msv1_0.dll
2017-07-07 07:12:23 318232 ----a-w- C:\WINDOWS\System32\wininit.exe
2017-07-07 07:11:14 94624 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2017-07-07 07:11:12 7904784 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2017-07-07 07:10:50 1670496 ----a-w- C:\WINDOWS\System32\winmde.dll
2017-07-07 07:10:40 254168 ----a-w- C:\WINDOWS\System32\mfps.dll
2017-07-07 07:10:37 1337848 ----a-w- C:\WINDOWS\System32\AudioEng.dll
2017-07-07 07:10:26 1325968 ----a-w- C:\WINDOWS\System32\ole32.dll
2017-07-07 07:10:00 372128 ----a-w- C:\WINDOWS\System32\CloudExperienceHost.dll
2017-07-07 07:09:24 41376 ----a-w- C:\WINDOWS\System32\wininitext.dll
2017-07-07 07:07:47 1106848 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2017-07-07 07:07:38 58488 ----a-w- C:\WINDOWS\System32\lsass.exe
2017-07-07 06:57:25 626528 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe
2017-07-07 06:57:23 125344 ----a-w- C:\WINDOWS\SysWow64\dwmapi.dll
2017-07-07 06:40:44 23677440 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2017-07-07 06:39:10 96128 ----a-w- C:\WINDOWS\SysWow64\dmcmnutils.dll
2017-07-07 06:39:01 1839872 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll
2017-07-07 06:37:56 31652264 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecsRaw.dll
2017-07-07 06:37:56 2259760 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2017-07-07 06:37:24 1339352 ----a-w- C:\WINDOWS\SysWow64\wmpmde.dll
2017-07-07 06:31:24 129184 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2017-07-07 06:31:19 1518088 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2017-07-07 06:31:01 5820984 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2017-07-07 06:31:00 322976 ----a-w- C:\WINDOWS\apppatch\AcRes.dll
2017-07-07 06:30:56 750496 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe
2017-07-07 06:30:55 949920 ----a-w- C:\WINDOWS\SysWow64\dcomp.dll
2017-07-07 06:29:31 123520 ----a-w- C:\WINDOWS\SysWow64\Clipc.dll
2017-07-07 06:29:06 349600 ----a-w- C:\WINDOWS\SysWow64\msv1_0.dll
2017-07-07 06:27:57 3670016 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2017-07-07 06:27:53 859136 ----a-w- C:\WINDOWS\System32\uDWM.dll
2017-07-07 06:27:51 1050624 ----a-w- C:\WINDOWS\System32\Windows.UI.dll
2017-07-07 06:27:28 1640448 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2017-07-07 06:27:23 360960 ----a-w- C:\WINDOWS\System32\ConhostV2.dll
2017-07-07 06:27:21 6759512 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2017-07-07 06:27:17 577024 ----a-w- C:\WINDOWS\System32\duser.dll
2017-07-07 06:27:00 443392 ----a-w- C:\WINDOWS\System32\PerceptionSimulationExtensions.dll
2017-07-07 06:26:52 1529384 ----a-w- C:\WINDOWS\SysWow64\winmde.dll
2017-07-07 06:26:51 1195240 ----a-w- C:\WINDOWS\SysWow64\AudioEng.dll
2017-07-07 06:26:36 988168 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2017-07-07 06:26:09 17364992 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.dll
2017-07-07 06:25:37 35232 ----a-w- C:\WINDOWS\SysWow64\wininitext.dll
2017-07-07 06:25:29 2199552 ----a-w- C:\WINDOWS\System32\Windows.UI.Xaml.Resources.dll
2017-07-07 06:24:51 1517472 ----a-w- C:\WINDOWS\SysWow64\AppVEntSubsystems32.dll
2017-07-07 06:24:13 114688 ----a-w- C:\WINDOWS\System32\officecsp.dll
2017-07-07 06:23:50 95232 ----a-w- C:\WINDOWS\System32\wudriver.dll
2017-07-07 06:23:46 583160 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2017-07-07 06:23:35 110592 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2017-07-07 06:23:20 113152 ----a-w- C:\WINDOWS\System32\wuuhosdeployment.dll
2017-07-07 06:23:17 29696 ----a-w- C:\WINDOWS\System32\eapprovp.dll
2017-07-07 06:22:55 7931392 ----a-w- C:\WINDOWS\System32\twinui.dll
2017-07-07 06:22:08 520704 ----a-w- C:\WINDOWS\System32\daxexec.dll
2017-07-07 06:21:56 64512 ----a-w- C:\WINDOWS\System32\winsrv.dll
2017-07-07 06:21:18 96256 ----a-w- C:\WINDOWS\System32\ActiveSyncCsp.dll
2017-07-07 06:20:59 8331264 ----a-w- C:\WINDOWS\System32\BingMaps.dll
2017-07-07 06:20:13 175616 ----a-w- C:\WINDOWS\System32\prntvpt.dll
2017-07-07 06:19:47 137216 ----a-w- C:\WINDOWS\System32\raschap.dll
2017-07-07 06:19:46 256000 ----a-w- C:\WINDOWS\System32\domgmt.dll
2017-07-07 06:19:38 527360 ----a-w- C:\WINDOWS\System32\aadcloudap.dll
2017-07-07 06:19:26 165888 ----a-w- C:\WINDOWS\System32\storewuauth.dll
2017-07-07 06:19:02 7149056 ----a-w- C:\WINDOWS\System32\mos.dll
2017-07-07 06:18:55 7336448 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2017-07-07 06:18:36 548864 ----a-w- C:\WINDOWS\System32\SensorService.dll
2017-07-07 06:18:34 274944 ----a-w- C:\WINDOWS\System32\WindowsCodecsExt.dll
2017-07-07 06:18:18 563712 ----a-w- C:\WINDOWS\System32\DevicePairing.dll
2017-07-07 06:18:16 353280 ----a-w- C:\WINDOWS\System32\Wldap32.dll
2017-07-07 06:17:46 1260544 ----a-w- C:\WINDOWS\System32\GamePanel.exe
2017-07-07 06:17:45 422400 ----a-w- C:\WINDOWS\System32\WpAXHolder.dll
2017-07-07 06:17:34 692736 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2017-07-07 06:17:30 229888 ----a-w- C:\WINDOWS\System32\SIHClient.exe
.
============= FINISH: 19:59:22.07 ===============