DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.16299.98 BrowserJavaVersion: 10.67.2
Run by Kenneth Rivalsi at 15:35:40 on 2017-12-26
Microsoft Windows 10 Home 10.0.16299.0.1252.1.1033.18.7990.5247 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security *Enabled* {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\DbxSvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\NIS.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k SPOCJS
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\atieclxx.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\NIS.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Kenneth Rivalsi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17086.24711.0_x64__8wekyb3d8bbwe\Music.UI.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/?gws_rd=ssl
uSearch Bar = Preserve
uProxyOverride = <-loopback>;*.local
BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - <orphaned>
uRun: [googletalk] C:\Users\Kenneth Rivalsi\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [OneDrive] "C:\Users\Kenneth Rivalsi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{ac0539c6-36f0-4d6c-af81-7cbe30db7c17} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{d49ed8a4-1478-4426-9e3d-52970edcd979} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{efa0cdec-f76a-4709-b1d4-4b5f82b2f6f1} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.1 mssplus.mcafee.com
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-7-1 82664]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2011-3-3 56336]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\NISx64\160B020.007\symefasi64.sys [2017-11-20 1938584]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-9-29 240640]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2017-12-24 59800]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20171220.001\BHDrvx64.sys [2017-12-21 1872024]
R1 ccSet_NIS;NIS Settings Manager;C:\WINDOWS\System32\drivers\NISx64\160B020.007\ccsetx64.sys [2017-11-20 187544]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-9-29 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20171225.003\IDSvia64.sys [2017-12-25 1056920]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NISx64\160B020.007\ironx64.sys [2017-11-20 309984]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NISx64\160B020.007\symnets.sys [2017-11-20 566936]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2016-10-6 89600]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-8-2 2257016]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-16 255472]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-4-3 83768]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R2 CDPUserSvc_62279;Connected Devices Platform User Service_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-9-29 384000]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-1-18 3058416]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]
R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2017-12-4 51016]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 IntelHaxm;Intel HAXM Service;C:\WINDOWS\System32\drivers\IntelHaxm.sys [2017-4-13 92280]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\nis.exe [2017-11-20 326144]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 OneSyncSvc_62279;Sync Host_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2017-12-24 519152]
R2 SPOCJS;Jack Sensing Service for USB Audio;C:\WINDOWS\System32\svchost.exe -k SPOCJS [2017-9-29 48688]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-9-29 79872]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-3-30 253960]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-8 2533400]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-12-24 147864]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 WpnUserService_62279;Windows Push Notifications User Service_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]
R3 clwvd;HP Webcam Splitter;C:\WINDOWS\System32\drivers\clwvd.sys [2010-6-25 32880]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-11-15 158360]
R3 HECIx64;Intel(R) Management Engine Interface;C:\WINDOWS\System32\drivers\HECIx64.sys [2010-4-30 56344]
R3 Impcd;Impcd;C:\WINDOWS\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-9-29 39424]
R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\WINDOWS\System32\drivers\lan9500-x64-n650f.sys [2017-11-30 110400]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2017-9-29 604160]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2016-3-30 52904]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 usbaud;HP USB Media Port Rep Audio;C:\WINDOWS\System32\drivers\usbaud64.sys [2011-11-16 232064]
R3 wdkmd;Intel WiDi KMD;C:\WINDOWS\System32\drivers\WDKMD.sys [2010-4-16 39832]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-9-29 259584]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NISx64\160B020.007\symelam.sys [2017-11-20 24608]
S2 CLKMSVC10_C6F09094;CyberLink Product - 2011/02/08 00:50:00;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2011-2-8 245232]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-6-27 143144]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2011-5-13 30520]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-5-28 102912]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-6-27 143144]
S3 DevicesFlowUserSvc_62279;DevicesFlow_62279;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2017-9-29 48688]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-9-29 48688]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-9-29 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-9-29 50584]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2017-9-29 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-9-29 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-9-29 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-9-29 674200]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-9-29 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 invdimm;Microsoft iNVDIMM device driver;C:\WINDOWS\System32\drivers\invdimm.sys [2017-9-29 38912]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2017-9-29 26112]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-9-29 123800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-9-29 103320]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-9-29 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-9-29 55840]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [2017-9-5 404376]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-9-29 63520]
S3 MessagingService_62279;MessagingService_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-9-29 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-9-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-9-29 132608]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-12-24 192512]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-9-29 88576]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-9-29 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-9-29 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 PimIndexMaintenanceSvc_62279;Contact Data_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2017-9-29 16896]
S3 PrintWorkflowUserSvc_62279;PrintWorkflow_62279;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2017-9-29 48688]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2017-9-29 39832]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-9-29 1849752]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-9-29 936856]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-9-29 48688]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2017-9-29 103936]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-9-29 118168]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-9-29 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-9-29 1288704]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-9-29 154520]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-9-29 48688]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2017-12-24 956416]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-9-29 103320]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-12-24 45464]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-9-29 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-12-24 114688]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-9-29 146944]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-12-24 57344]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-9-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-9-29 266648]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-9-29 97312]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-9-29 140696]
S3 UnistoreSvc_62279;User Data Storage_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-9-29 28568]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-12-24 60824]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-9-29 27544]
S3 UserDataSvc_62279;User Data Access_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-9-29 34816]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-9-29 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vnvdimm;Microsoft virtual NVDIMM device driver;C:\WINDOWS\System32\drivers\vnvdimm.sys [2017-9-29 43008]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2017-9-29 48688]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-9-29 76288]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-12-24 770048]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-9-29 119192]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-9-29 355304]
S3 wdnsfltr;Windows Defender Network Stream Filter Driver;C:\WINDOWS\System32\drivers\wdnsfltr.sys [2017-9-29 33792]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-9-29 48688]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-9-29 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-9-29 225280]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-9-29 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2017-9-29 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-9-29 281600]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-9-29 46592]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-12-26 17:14:57 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{CC9F8681-686D-44B8-8532-AFA297F134D6}
2017-12-26 04:11:29 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{2C794624-DC40-429D-A1B7-67EF429E3E91}
2017-12-25 14:48:27 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{C0945908-0199-4FE3-9546-A9B50A6958FD}
2017-12-25 01:11:29 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\PlaceholderTileLogoFolder
2017-12-25 01:08:02 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\SlimWare Utilities Inc
2017-12-24 19:27:59 -------- d-----w- C:\Windows.old
2017-12-24 19:14:50 -------- d-----w- C:\Program Files (x86)\Common Files\SpeechEngines
2017-12-24 19:14:45 -------- d-----w- C:\Program Files\Common Files\SpeechEngines
2017-12-24 19:12:22 -------- d-----w- C:\WINDOWS\System32\Microsoft
2017-12-24 19:12:22 -------- d-----w- C:\WINDOWS\ServiceProfiles
2017-12-24 19:04:49 -------- d-----w- C:\WINDOWS\SysWow64\BestPractices
2017-12-24 17:50:54 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2017-12-24 17:49:16 -------- d--h--w- C:\Users\Kenneth Rivalsi\MicrosoftEdgeBackups
2017-12-24 17:47:08 -------- d-----r- C:\Users\Kenneth Rivalsi\3D Objects
2017-12-24 17:45:50 -------- d-sh--we C:\ProgramData\Documents
2017-12-24 17:18:36 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2017-12-24 17:14:35 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2017-12-24 17:14:34 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2017-12-24 16:47:01 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\Packages
2017-12-24 16:40:47 -------- d-----w- C:\Program Files\ATI Technologies
2017-12-24 16:38:19 2241024 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2017-12-24 16:35:57 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2017-12-24 16:34:12 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2017-12-24 14:29:58 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{E689F7F7-AACC-4327-A397-E1184C06183C}
2017-12-23 13:42:25 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{88D49AB2-D0F4-4901-A0A7-72A75D5F7E1F}
2017-12-22 19:21:11 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{5AFBBC2F-3D78-4818-8234-A82A1F10D551}
2017-12-22 01:52:25 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{86DC407A-D8E2-4D1D-AF32-AE3094BC11DE}
2017-12-21 13:52:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{81378C89-11F0-4676-B41D-09DB67CC16F4}
2017-12-21 01:37:57 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{BD17D121-5B84-4D90-BFD2-6D3A09C90CC4}
2017-12-20 13:37:40 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3431A083-F63E-417E-8607-30B05FE29976}
2017-12-19 23:08:37 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{60EBB520-E872-40BC-81DB-EDC44AC1502B}
2017-12-19 01:55:43 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D01BA935-0F29-45A9-8877-6D511CD94142}
2017-12-18 13:43:07 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{0FD412D0-B542-420C-B763-02EEC37BD50B}
2017-12-18 12:45:03 -------- dc----w- C:\WINDOWS\Panther
2017-12-17 16:26:27 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{E8CC70B3-BD1D-472E-ADA3-36EFC37D9944}
2017-12-17 04:26:10 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{8AF25D4B-F490-49FC-98B7-1F91A483E33F}
2017-12-16 16:26:06 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3426DB92-9C21-48AF-B29B-F8A60C899D08}
2017-12-16 04:25:51 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3676AAC7-F24C-483B-8D1C-8A7BA971F7E9}
2017-12-15 15:09:44 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{4853203B-9D05-47F5-B7C6-DB3A0905BC0B}
2017-12-14 23:58:52 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{91B17DBD-85B4-4723-B7E2-14B2835B09EC}
2017-12-13 23:22:28 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{A9EB6499-7618-4475-8D80-FD50EAE24A0E}
2017-12-12 22:49:55 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{A3767D31-37F0-4295-98CC-54F32B162941}
2017-12-12 02:26:24 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{24B75D19-F804-4AD2-BC6F-5984504BDD62}
2017-12-11 12:16:22 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{30A4F814-0F5F-4C52-9D7B-68A13B3F325C}
2017-12-10 19:56:12 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{B404B4CA-8167-4998-A7E9-E5EBC2248388}
2017-12-09 16:30:50 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{2BC7EA8E-C8A5-47D7-AE37-B9035AA1AA39}
2017-12-09 04:30:33 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{8FE7125B-9EDB-4CE7-8AA4-D072688F16B3}
2017-12-08 14:44:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{25A4ACF5-F383-43DC-A65A-3080D98ADDC5}
2017-12-07 22:57:32 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{7440F999-62D0-419E-BFD0-64A5278B8908}
2017-12-06 22:46:14 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3421A9A9-19FF-4CA2-8777-FFE702F583D0}
2017-12-05 01:06:22 51016 ----a-w- C:\WINDOWS\System32\DbxSvc.exe
2017-12-05 01:06:22 45672 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys
2017-12-05 01:06:22 45640 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys
2017-12-05 01:06:22 45640 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys
2017-12-04 23:15:47 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{394F0E84-0F0C-4100-87C4-545D86195356}
2017-12-04 02:31:26 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{607F10FB-8728-4D21-A0A6-419A327293AB}
2017-12-03 14:00:52 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D8CCE3E3-6D36-4578-9EB4-958FD2AE0251}
2017-12-03 01:20:29 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{9F94835D-A93E-4C80-A50B-4EFBD29DE871}
2017-12-02 12:20:06 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D0AE91A1-AB3B-49FD-B0D3-2F8B9AB1B0D5}
2017-12-02 02:43:50 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\EO.WebEngine
2017-12-01 23:32:53 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{4319C247-63DC-40EE-BC1D-0F83C94DA06C}
2017-11-30 23:22:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D9601D1A-3E2D-4541-80BE-4F6ED04ED3E2}
2017-11-30 13:02:40 110400 ----a-w- C:\WINDOWS\System32\drivers\lan9500-x64-n650f.sys
2017-11-30 00:50:50 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{48D9BB68-B89C-4D95-AD0B-7FDA416249F3}
2017-11-28 23:25:28 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{0D6B0CA2-3836-48FC-8F99-9B8C6243403E}
2017-11-27 22:34:45 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{DC3F53E4-B4B0-43D8-905E-2EC98BFD9344}
.
==================== Find3M ====================
.
2017-12-26 16:55:46 144368 ------w- C:\WINDOWS\System32\drivers\rikvm_C6F09094.sys
2017-12-24 19:04:09 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2017-12-24 19:04:09 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2017-12-24 19:04:08 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2017-12-24 19:04:08 35456 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2017-12-24 19:04:08 35456 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2017-12-24 19:04:07 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2017-12-13 03:18:54 133326408 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2017-12-03 22:38:40 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-12-03 22:38:40 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-11-20 22:51:29 102600 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
2017-11-10 23:31:25 566936 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symnets.sys
2017-11-10 23:31:25 468616 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symtdiv.sys
2017-11-10 23:31:06 24608 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symelam.sys
2017-11-10 23:31:06 1938584 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symefasi64.sys
2017-11-10 23:29:34 309984 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\ironx64.sys
2017-11-10 23:28:36 187544 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\ccsetx64.sys
2017-11-10 23:28:12 812696 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\srtsp64.sys
2017-11-10 23:28:12 49304 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\srtspx64.sys
2017-09-29 14:43:11 979384 ----a-w- C:\WINDOWS\System32\DolbyDecMFT.dll
2017-09-29 14:42:18 6347776 ----a-w- C:\WINDOWS\System32\NlsData0009.dll
2017-09-29 14:42:18 5739008 ----a-w- C:\WINDOWS\System32\prm0009.dll
2017-09-29 14:42:18 5484032 ----a-w- C:\WINDOWS\SysWow64\NlsData0009.dll
2017-09-29 14:42:18 2629120 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0009.dll
2017-09-29 14:42:18 2629120 ----a-w- C:\WINDOWS\System32\NlsLexicons0009.dll
2017-09-29 14:42:09 1347608 ----a-w- C:\WINDOWS\SysWow64\wmpmde.dll
2017-09-29 14:41:17 6656 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
2017-09-29 14:41:15 11776 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
2017-09-29 14:41:12 3584 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
2017-09-29 13:44:26 208384 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2017-09-29 13:44:25 229376 ----a-w- C:\WINDOWS\System32\msclmd.dll
2017-09-29 13:42:27 98304 ----a-w- C:\WINDOWS\SysWow64\wlgpclnt.dll
2017-09-29 13:41:58 97792 ----a-w- C:\WINDOWS\System32\wshext.dll
2017-09-29 13:40:59 96768 ----a-w- C:\WINDOWS\System32\drivers\drmk.sys
2017-09-29 08:45:15 118272 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2017-09-29 08:45:14 141312 ----a-w- C:\WINDOWS\System32\poqexec.exe
2017-09-29 08:45:12 847768 ----a-w- C:\WINDOWS\System32\SmiEngine.dll
2017-09-29 08:45:12 774552 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2017-09-29 08:45:12 244632 ----a-w- C:\WINDOWS\System32\wdscore.dll
2017-09-29 08:45:12 206848 ----a-w- C:\WINDOWS\System32\PkgMgr.exe
2017-09-29 08:45:12 143256 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2017-09-29 08:45:12 134552 ----a-w- C:\WINDOWS\System32\SSShim.dll
2017-09-29 08:45:12 109568 ----a-w- C:\WINDOWS\System32\NetDriverInstall.dll
2017-09-28 21:38:00 2035096 ----a-w- C:\WINDOWS\System32\wmpmde.dll
2017-09-28 21:23:00 285176 ----a-w- C:\WINDOWS\System32\wmpeffects.dll
2017-09-28 21:21:00 387408 ----a-w- C:\WINDOWS\System32\wmpps.dll
2017-09-28 20:49:00 250208 ----a-w- C:\WINDOWS\SysWow64\wmpeffects.dll
2017-09-28 20:49:00 153088 ----a-w- C:\WINDOWS\SysWow64\wmpps.dll
2017-09-28 19:05:00 7168 ----a-w- C:\WINDOWS\System32\msdxm.ocx
2017-09-28 19:05:00 7168 ----a-w- C:\WINDOWS\System32\dxmasf.dll
2017-09-28 19:05:00 2560 ----a-w- C:\WINDOWS\System32\wmerror.dll
2017-09-28 19:05:00 2560 ----a-w- C:\WINDOWS\System32\SyncRes.dll
2017-09-28 19:05:00 16384 ----a-w- C:\WINDOWS\System32\APHostRes.dll
2017-09-28 19:05:00 11264 ----a-w- C:\WINDOWS\System32\spwmp.dll
2017-09-28 19:04:00 90624 ----a-w- C:\WINDOWS\System32\InternetMailCsp.dll
2017-09-28 19:04:00 62464 ----a-w- C:\WINDOWS\System32\SyncProxy.dll
2017-09-28 19:04:00 58880 ----a-w- C:\WINDOWS\System32\InprocLogger.dll
2017-09-28 19:04:00 216576 ----a-w- C:\WINDOWS\System32\wmpdxm.dll
2017-09-28 19:04:00 175616 ----a-w- C:\WINDOWS\System32\MCCSEngineShared.dll
2017-09-28 19:04:00 13824 ----a-w- C:\WINDOWS\System32\EasPolicyManagerBrokerPS.dll
2017-09-28 19:03:00 96256 ----a-w- C:\WINDOWS\System32\ActiveSyncCsp.dll
2017-09-28 19:03:00 8962560 ----a-w- C:\WINDOWS\System32\wmploc.DLL
2017-09-28 19:03:00 70656 ----a-w- C:\WINDOWS\System32\APHostClient.dll
2017-09-28 19:03:00 20480 ----a-w- C:\WINDOWS\System32\MCCSPal.dll
2017-09-28 19:03:00 137216 ----a-w- C:\WINDOWS\System32\networkhelper.dll
2017-09-28 19:03:00 127488 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2017-09-28 19:02:00 742912 ----a-w- C:\WINDOWS\System32\internetmail.dll
2017-09-28 19:02:00 559104 ----a-w- C:\WINDOWS\System32\quickassist.exe
2017-09-28 19:02:00 268800 ----a-w- C:\WINDOWS\System32\accountaccessor.dll
2017-09-28 19:02:00 257024 ----a-w- C:\WINDOWS\System32\unregmp2.exe
2017-09-28 19:01:00 404480 ----a-w- C:\WINDOWS\System32\DavSyncProvider.dll
2017-09-28 19:01:00 369664 ----a-w- C:\WINDOWS\System32\APHostService.dll
2017-09-28 19:00:00 64000 ----a-w- C:\WINDOWS\System32\EASPolicyManagerBrokerHost.exe
2017-09-28 19:00:00 434176 ----a-w- C:\WINDOWS\System32\AccountsRt.dll
2017-09-28 18:59:00 624128 ----a-w- C:\WINDOWS\System32\SyncController.dll
2017-09-28 18:59:00 393216 ----a-w- C:\WINDOWS\System32\syncutil.dll
2017-09-28 18:56:00 1777664 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2017-09-28 18:45:00 5632 ----a-w- C:\WINDOWS\SysWow64\msdxm.ocx
2017-09-28 18:45:00 5632 ----a-w- C:\WINDOWS\SysWow64\dxmasf.dll
2017-09-28 18:44:00 9216 ----a-w- C:\WINDOWS\SysWow64\spwmp.dll
2017-09-28 18:44:00 2560 ----a-w- C:\WINDOWS\SysWow64\wmerror.dll
2017-09-28 18:44:00 2560 ----a-w- C:\WINDOWS\SysWow64\SyncRes.dll
2017-09-28 18:43:00 8962560 ----a-w- C:\WINDOWS\SysWow64\wmploc.DLL
2017-09-28 18:43:00 48640 ----a-w- C:\WINDOWS\SysWow64\SyncProxy.dll
2017-09-28 18:43:00 174080 ----a-w- C:\WINDOWS\SysWow64\wmpdxm.dll
2017-09-28 18:42:00 48640 ----a-w- C:\WINDOWS\SysWow64\APHostClient.dll
2017-09-28 18:42:00 459264 ----a-w- C:\WINDOWS\SysWow64\quickassist.exe
2017-09-28 18:42:00 147968 ----a-w- C:\WINDOWS\SysWow64\MCCSEngineShared.dll
2017-09-28 18:42:00 117248 ----a-w- C:\WINDOWS\SysWow64\networkhelper.dll
2017-09-28 18:42:00 102912 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2017-09-28 18:41:00 348160 ----a-w- C:\WINDOWS\SysWow64\DavSyncProvider.dll
2017-09-28 18:41:00 217088 ----a-w- C:\WINDOWS\SysWow64\unregmp2.exe
2017-09-28 18:40:00 524800 ----a-w- C:\WINDOWS\SysWow64\SyncController.dll
2017-09-28 18:40:00 215552 ----a-w- C:\WINDOWS\SysWow64\accountaccessor.dll
2017-09-28 18:39:00 363520 ----a-w- C:\WINDOWS\SysWow64\AccountsRt.dll
2017-09-28 18:39:00 330240 ----a-w- C:\WINDOWS\SysWow64\syncutil.dll
2017-09-28 18:35:00 1546752 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2017-09-28 17:20:00 44032 ----a-w- C:\WINDOWS\System32\msdxm.tlb
2017-09-28 17:20:00 18944 ----a-w- C:\WINDOWS\System32\amcompat.tlb
2017-09-28 17:03:00 44032 ----a-w- C:\WINDOWS\SysWow64\msdxm.tlb
.
============= FINISH: 15:38:00.33 ===============
Internet Explorer: 11.0.16299.98 BrowserJavaVersion: 10.67.2
Run by Kenneth Rivalsi at 15:35:40 on 2017-12-26
Microsoft Windows 10 Home 10.0.16299.0.1252.1.1033.18.7990.5247 [GMT -5:00]
.
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security *Enabled/Updated* {30744133-1E94-7B35-F4A3-82A5AEF1CBAA}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Norton Internet Security *Enabled/Updated* {8B15A0D7-38AE-74BB-CE13-B9D7D5768117}
FW: Norton Internet Security *Enabled* {084FC016-54FB-7A6D-DFFC-2B9050228CD1}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\atiesrxx.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservice -p -s fdPHost
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s FDResPub
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s HomeGroupProvider
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k netsvcs -p -s IKEEXT
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
c:\windows\system32\svchost.exe -k apphost -s AppHostSvc
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\system32\DbxSvc.exe
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k iissvcs
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files\Microsoft Office 15\ClientX64\OfficeClickToRun.exe
C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\NIS.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\system32\svchost.exe -k SPOCJS
C:\Program Files\IDT\WDM\AESTSr64.exe
C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemanowSvc.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\SearchIndexer.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\system32\mqsvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\WINDOWS\system32\atieclxx.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
c:\windows\system32\sihost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s upnphost
C:\WINDOWS\Explorer.EXE
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Program Files (x86)\Hewlett-Packard\Media\Webcam\YCMMirage.exe
C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\NIS.exe
C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.10.572.0_x64__kzf8qxf38zg5c\SkypeHost.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Windows\System32\igfxtray.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE
C:\Users\Kenneth Rivalsi\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe
C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneMusic_10.17086.24711.0_x64__8wekyb3d8bbwe\Music.UI.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11711.1001.5.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p -s NcdAutoSetup
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\taskhostw.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p -s tiledatamodelsvc
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxps://www.google.com/?gws_rd=ssl
uSearch Bar = Preserve
uProxyOverride = <-loopback>;*.local
BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
BHO: Norton Vulnerability Protection: {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
BHO: Skype Browser Helper: {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
TB: Google Toolbar: {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine32\22.11.2.7\coIEPlg.dll
TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
EB: {1A6FE369-F28C-4AD9-A3E6-2BCB50807CF1} - <orphaned>
uRun: [googletalk] C:\Users\Kenneth Rivalsi\AppData\Roaming\Google\Google Talk\googletalk.exe /autostart
uRun: [OfficeSyncProcess] "C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE"
uRun: [OneDrive] "C:\Users\Kenneth Rivalsi\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Corel Photo Downloader] "C:\Program Files (x86)\Common Files\Corel\Corel PhotoDownloader\Corel Photo Downloader.exe" -startup
mRun: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
mRun: [CanonSolutionMenuEx] C:\Program Files (x86)\Canon\Solution Menu EX\CNSEMAIN.EXE /logon
mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
mRun: [ArcSoft Connection Service] C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\ONENOT~1.LNK - C:\Program Files (x86)\Microsoft Office\Office14\ONENOTEM.EXE
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\PMBMED~1.LNK - C:\Program Files (x86)\Sony\Sony Picture Utility\PMBCore\SPUVolumeWatcher.exe
StartupFolder: C:\Users\KENNET~1\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files\Microsoft Office 15\root\office15\onenotem.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\MCAFEE~1.LNK - C:\Program Files\McAfee Security Scan\3.11.599\SSScheduler.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\office15\onbttnie.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\office15\ONBttnIELinkedNotes.dll
IE: {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} - hxxp://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} - hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{ac0539c6-36f0-4d6c-af81-7cbe30db7c17} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{d49ed8a4-1478-4426-9e3d-52970edcd979} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{efa0cdec-f76a-4709-b1d4-4b5f82b2f6f1} : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office 15\root\office15\msosb.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-BHO: Norton Identity Safety: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll
x64-BHO: Google Toolbar Helper: {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\urlredir.dll
x64-BHO: Microsoft SkyDrive Pro Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\grooveex.dll
x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} -
x64-BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -
x64-TB: Google Toolbar: {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll
x64-TB: Norton Toolbar: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\coIEPlg.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-Run: [SmartMenu] C:\Program Files\Hewlett-Packard\HP MediaSmart\SmartMenu.exe /background
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe
x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe
x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\onbttnie.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ochelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office 15\root\vfs\ProgramFilesX64\Microsoft Office\Office15\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - <orphaned>
x64-Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-Notify: igfxcui - igfxdev.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\63.0.3239.84\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
Hosts: 0.0.0.1 mssplus.mcafee.com
============= SERVICES / DRIVERS ===============
.
R0 amdkmpfd;AMD PCI Root Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmpfd.sys [2016-7-1 82664]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2017-9-29 130640]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2017-9-29 56728]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2011-3-3 56336]
R0 SymEFASI;Symantec Extended File Attributes (SI);C:\WINDOWS\System32\drivers\NISx64\160B020.007\symefasi64.sys [2017-11-20 1938584]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2017-9-29 15392]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2017-9-29 71248]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2017-9-29 18000]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2017-9-29 209304]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2017-9-29 240640]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2017-12-24 59800]
R1 BHDrvx64;BHDrvx64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\BASHDefs\20171220.001\BHDrvx64.sys [2017-12-21 1872024]
R1 ccSet_NIS;NIS Settings Manager;C:\WINDOWS\System32\drivers\NISx64\160B020.007\ccsetx64.sys [2017-11-20 187544]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2017-9-29 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2017-9-29 8192]
R1 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20171225.003\IDSvia64.sys [2017-12-25 1056920]
R1 SymIRON;Symantec Iron Driver;C:\WINDOWS\System32\drivers\NISx64\160B020.007\ironx64.sys [2017-11-20 309984]
R1 SymNetS;Symantec Network Security WFP Driver;C:\WINDOWS\System32\drivers\NISx64\160B020.007\symnets.sys [2017-11-20 566936]
R2 AESTFilters;Andrea ST Filters Service;C:\Program Files\IDT\WDM\AESTSr64.exe [2016-10-6 89600]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2017-8-2 2257016]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-16 255472]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2017-4-3 83768]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R2 CDPUserSvc_62279;Connected Devices Platform User Service_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 CinemaNow Service;CinemaNow Service;C:\Program Files (x86)\CinemaNow\CinemaNow Media Manager\CinemaNowSvc.exe [2010-6-12 400368]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2017-9-29 384000]
R2 ClickToRunSvc;Microsoft Office ClickToRun Service;C:\Program Files\Microsoft Office 15\ClientX64\officeclicktorun.exe [2015-1-18 3058416]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2017-9-29 48688]
R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2017-12-4 51016]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2017-9-29 48688]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-2-15 34872]
R2 IntelHaxm;Intel HAXM Service;C:\WINDOWS\System32\drivers\IntelHaxm.sys [2017-4-13 92280]
R2 NIS;Norton Internet Security;C:\Program Files (x86)\Norton Internet Security\Engine\22.11.2.7\nis.exe [2017-11-20 326144]
R2 NOBU;Norton Online Backup;C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [2010-6-1 2804568]
R2 OneSyncSvc_62279;Sync Host_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2017-12-24 519152]
R2 SPOCJS;Jack Sensing Service for USB Audio;C:\WINDOWS\System32\svchost.exe -k SPOCJS [2017-9-29 48688]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2017-9-29 79872]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-3-30 253960]
R2 UNS;Intel(R) Management & Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2011-2-8 2533400]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2017-12-24 147864]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R2 WpnUserService_62279;Windows Push Notifications User Service_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2017-9-29 60312]
R3 clwvd;HP Webcam Splitter;C:\WINDOWS\System32\drivers\clwvd.sys [2010-6-25 32880]
R3 EraserUtilRebootDrv;EraserUtilRebootDrv;C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [2017-11-15 158360]
R3 HECIx64;Intel(R) Management Engine Interface;C:\WINDOWS\System32\drivers\HECIx64.sys [2010-4-30 56344]
R3 Impcd;Impcd;C:\WINDOWS\System32\drivers\Impcd.sys [2009-10-26 151936]
R3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2017-9-29 39424]
R3 LAN9500;LAN9500 USB 2.0 to Ethernet 10/100 Adapter Service;C:\WINDOWS\System32\drivers\lan9500-x64-n650f.sys [2017-11-30 110400]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2017-9-29 21504]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2017-9-29 604160]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2016-3-30 52904]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
R3 usbaud;HP USB Media Port Rep Audio;C:\WINDOWS\System32\drivers\usbaud64.sys [2011-11-16 232064]
R3 wdkmd;Intel WiDi KMD;C:\WINDOWS\System32\drivers\WDKMD.sys [2010-4-16 39832]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2017-9-29 259584]
S0 SymELAM;Symantec ELAM Driver;C:\WINDOWS\System32\drivers\NISx64\160B020.007\symelam.sys [2017-11-20 24608]
S2 CLKMSVC10_C6F09094;CyberLink Product - 2011/02/08 00:50:00;C:\Program Files (x86)\Hewlett-Packard\Media\DVD\Kernel\HDDVD\NavFilter\kmsvc.exe [2011-2-8 245232]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-6-27 143144]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2011-5-13 30520]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2017-9-29 48688]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2014-12-11 315496]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2017-9-29 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2017-9-29 1135512]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2017-9-29 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2017-9-29 48688]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-5-28 102912]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2017-9-29 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2017-9-29 48688]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2017-9-29 37784]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2017-9-29 39424]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2017-9-29 122368]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2017-9-29 357272]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2017-9-29 1723288]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2017-9-29 48688]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2017-6-27 143144]
S3 DevicesFlowUserSvc_62279;DevicesFlow_62279;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2017-9-29 48688]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2017-9-29 85504]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2017-9-29 48688]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2017-9-29 48688]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2017-9-29 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2017-9-29 48688]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2017-9-29 50584]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2017-9-29 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2017-9-29 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2017-9-29 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2017-9-29 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2017-9-29 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2017-9-29 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2017-9-29 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2017-9-29 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2017-9-29 113152]
S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2017-9-29 674200]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2017-9-29 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 InstallService;Windows Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 invdimm;Microsoft iNVDIMM device driver;C:\WINDOWS\System32\drivers\invdimm.sys [2017-9-29 38912]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2017-9-29 26112]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2017-9-29 123800]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2017-9-29 103320]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2017-9-29 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2017-9-29 55840]
S3 McComponentHostService;McAfee Security Scan Component Host Service;C:\Program Files\McAfee Security Scan\3.11.599\McCHSvc.exe [2017-9-5 404376]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2017-9-29 63520]
S3 MessagingService_62279;MessagingService_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2017-9-29 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2017-9-29 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2017-9-29 132608]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2017-12-24 192512]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 nvdimmn;Microsoft NVDIMM-N device driver;C:\WINDOWS\System32\drivers\nvdimmn.sys [2017-9-29 88576]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2017-9-29 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2017-9-29 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 PimIndexMaintenanceSvc_62279;Contact Data_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2017-9-29 16896]
S3 PrintWorkflowUserSvc_62279;PrintWorkflow_62279;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2017-9-29 48688]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2017-9-29 39832]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2017-9-29 1849752]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2017-9-29 936856]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2017-9-29 48688]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2017-9-29 103936]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2017-9-29 48688]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2017-9-29 118168]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2017-9-29 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2017-9-29 1288704]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2017-9-29 154520]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2017-9-29 48688]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2017-9-29 56216]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2017-12-24 956416]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2017-9-29 103320]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2017-12-24 45464]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2017-9-29 302592]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2017-12-24 114688]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2017-9-29 146944]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2017-12-24 57344]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2017-9-29 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2017-9-29 28568]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2017-9-29 266648]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2017-9-29 97312]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2017-9-29 140696]
S3 UnistoreSvc_62279;User Data Storage_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2017-9-29 28568]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2017-12-24 60824]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2017-9-29 27544]
S3 UserDataSvc_62279;User Data Access_62279;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2017-9-29 48688]
S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2017-9-29 48688]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2017-9-29 34816]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2017-9-29 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2017-9-29 48688]
S3 vnvdimm;Microsoft virtual NVDIMM device driver;C:\WINDOWS\System32\drivers\vnvdimm.sys [2017-9-29 43008]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2017-9-29 48688]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2017-9-29 48688]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2017-9-29 48688]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2017-9-29 76288]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2017-12-24 770048]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2017-9-29 119192]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2017-9-29 355304]
S3 wdnsfltr;Windows Defender Network Stream Filter Driver;C:\WINDOWS\System32\drivers\wdnsfltr.sys [2017-9-29 33792]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2017-9-29 48688]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2017-9-29 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2017-9-29 225280]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2017-9-29 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2017-9-29 48688]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2017-9-29 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2017-9-29 281600]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2017-9-29 46592]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2017-9-29 48688]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2017-9-29 48688]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2017-12-26 17:14:57 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{CC9F8681-686D-44B8-8532-AFA297F134D6}
2017-12-26 04:11:29 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{2C794624-DC40-429D-A1B7-67EF429E3E91}
2017-12-25 14:48:27 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{C0945908-0199-4FE3-9546-A9B50A6958FD}
2017-12-25 01:11:29 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\PlaceholderTileLogoFolder
2017-12-25 01:08:02 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\SlimWare Utilities Inc
2017-12-24 19:27:59 -------- d-----w- C:\Windows.old
2017-12-24 19:14:50 -------- d-----w- C:\Program Files (x86)\Common Files\SpeechEngines
2017-12-24 19:14:45 -------- d-----w- C:\Program Files\Common Files\SpeechEngines
2017-12-24 19:12:22 -------- d-----w- C:\WINDOWS\System32\Microsoft
2017-12-24 19:12:22 -------- d-----w- C:\WINDOWS\ServiceProfiles
2017-12-24 19:04:49 -------- d-----w- C:\WINDOWS\SysWow64\BestPractices
2017-12-24 17:50:54 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2017-12-24 17:49:16 -------- d--h--w- C:\Users\Kenneth Rivalsi\MicrosoftEdgeBackups
2017-12-24 17:47:08 -------- d-----r- C:\Users\Kenneth Rivalsi\3D Objects
2017-12-24 17:45:50 -------- d-sh--we C:\ProgramData\Documents
2017-12-24 17:18:36 -------- d-----w- C:\WINDOWS\System32\wbem\Performance
2017-12-24 17:14:35 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2017-12-24 17:14:34 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2017-12-24 16:47:01 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\Packages
2017-12-24 16:40:47 -------- d-----w- C:\Program Files\ATI Technologies
2017-12-24 16:38:19 2241024 ----a-w- C:\WINDOWS\SysWow64\PrintConfig.dll
2017-12-24 16:35:57 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2017-12-24 16:34:12 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2017-12-24 14:29:58 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{E689F7F7-AACC-4327-A397-E1184C06183C}
2017-12-23 13:42:25 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{88D49AB2-D0F4-4901-A0A7-72A75D5F7E1F}
2017-12-22 19:21:11 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{5AFBBC2F-3D78-4818-8234-A82A1F10D551}
2017-12-22 01:52:25 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{86DC407A-D8E2-4D1D-AF32-AE3094BC11DE}
2017-12-21 13:52:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{81378C89-11F0-4676-B41D-09DB67CC16F4}
2017-12-21 01:37:57 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{BD17D121-5B84-4D90-BFD2-6D3A09C90CC4}
2017-12-20 13:37:40 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3431A083-F63E-417E-8607-30B05FE29976}
2017-12-19 23:08:37 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{60EBB520-E872-40BC-81DB-EDC44AC1502B}
2017-12-19 01:55:43 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D01BA935-0F29-45A9-8877-6D511CD94142}
2017-12-18 13:43:07 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{0FD412D0-B542-420C-B763-02EEC37BD50B}
2017-12-18 12:45:03 -------- dc----w- C:\WINDOWS\Panther
2017-12-17 16:26:27 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{E8CC70B3-BD1D-472E-ADA3-36EFC37D9944}
2017-12-17 04:26:10 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{8AF25D4B-F490-49FC-98B7-1F91A483E33F}
2017-12-16 16:26:06 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3426DB92-9C21-48AF-B29B-F8A60C899D08}
2017-12-16 04:25:51 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3676AAC7-F24C-483B-8D1C-8A7BA971F7E9}
2017-12-15 15:09:44 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{4853203B-9D05-47F5-B7C6-DB3A0905BC0B}
2017-12-14 23:58:52 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{91B17DBD-85B4-4723-B7E2-14B2835B09EC}
2017-12-13 23:22:28 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{A9EB6499-7618-4475-8D80-FD50EAE24A0E}
2017-12-12 22:49:55 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{A3767D31-37F0-4295-98CC-54F32B162941}
2017-12-12 02:26:24 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{24B75D19-F804-4AD2-BC6F-5984504BDD62}
2017-12-11 12:16:22 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{30A4F814-0F5F-4C52-9D7B-68A13B3F325C}
2017-12-10 19:56:12 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{B404B4CA-8167-4998-A7E9-E5EBC2248388}
2017-12-09 16:30:50 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{2BC7EA8E-C8A5-47D7-AE37-B9035AA1AA39}
2017-12-09 04:30:33 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{8FE7125B-9EDB-4CE7-8AA4-D072688F16B3}
2017-12-08 14:44:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{25A4ACF5-F383-43DC-A65A-3080D98ADDC5}
2017-12-07 22:57:32 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{7440F999-62D0-419E-BFD0-64A5278B8908}
2017-12-06 22:46:14 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{3421A9A9-19FF-4CA2-8777-FFE702F583D0}
2017-12-05 01:06:22 51016 ----a-w- C:\WINDOWS\System32\DbxSvc.exe
2017-12-05 01:06:22 45672 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys
2017-12-05 01:06:22 45640 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys
2017-12-05 01:06:22 45640 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys
2017-12-04 23:15:47 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{394F0E84-0F0C-4100-87C4-545D86195356}
2017-12-04 02:31:26 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{607F10FB-8728-4D21-A0A6-419A327293AB}
2017-12-03 14:00:52 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D8CCE3E3-6D36-4578-9EB4-958FD2AE0251}
2017-12-03 01:20:29 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{9F94835D-A93E-4C80-A50B-4EFBD29DE871}
2017-12-02 12:20:06 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D0AE91A1-AB3B-49FD-B0D3-2F8B9AB1B0D5}
2017-12-02 02:43:50 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\EO.WebEngine
2017-12-01 23:32:53 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{4319C247-63DC-40EE-BC1D-0F83C94DA06C}
2017-11-30 23:22:08 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{D9601D1A-3E2D-4541-80BE-4F6ED04ED3E2}
2017-11-30 13:02:40 110400 ----a-w- C:\WINDOWS\System32\drivers\lan9500-x64-n650f.sys
2017-11-30 00:50:50 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{48D9BB68-B89C-4D95-AD0B-7FDA416249F3}
2017-11-28 23:25:28 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{0D6B0CA2-3836-48FC-8F99-9B8C6243403E}
2017-11-27 22:34:45 -------- d-----w- C:\Users\Kenneth Rivalsi\AppData\Local\{DC3F53E4-B4B0-43D8-905E-2EC98BFD9344}
.
==================== Find3M ====================
.
2017-12-26 16:55:46 144368 ------w- C:\WINDOWS\System32\drivers\rikvm_C6F09094.sys
2017-12-24 19:04:09 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2017-12-24 19:04:09 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2017-12-24 19:04:08 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2017-12-24 19:04:08 35456 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2017-12-24 19:04:08 35456 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2017-12-24 19:04:07 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2017-12-13 03:18:54 133326408 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2017-12-03 22:38:40 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2017-12-03 22:38:40 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2017-11-20 22:51:29 102600 ----a-w- C:\WINDOWS\System32\drivers\SYMEVENT64x86.SYS
2017-11-10 23:31:25 566936 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symnets.sys
2017-11-10 23:31:25 468616 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symtdiv.sys
2017-11-10 23:31:06 24608 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symelam.sys
2017-11-10 23:31:06 1938584 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\symefasi64.sys
2017-11-10 23:29:34 309984 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\ironx64.sys
2017-11-10 23:28:36 187544 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\ccsetx64.sys
2017-11-10 23:28:12 812696 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\srtsp64.sys
2017-11-10 23:28:12 49304 ----a-w- C:\WINDOWS\System32\drivers\NISx64\160B020.007\srtspx64.sys
2017-09-29 14:43:11 979384 ----a-w- C:\WINDOWS\System32\DolbyDecMFT.dll
2017-09-29 14:42:18 6347776 ----a-w- C:\WINDOWS\System32\NlsData0009.dll
2017-09-29 14:42:18 5739008 ----a-w- C:\WINDOWS\System32\prm0009.dll
2017-09-29 14:42:18 5484032 ----a-w- C:\WINDOWS\SysWow64\NlsData0009.dll
2017-09-29 14:42:18 2629120 ----a-w- C:\WINDOWS\SysWow64\NlsLexicons0009.dll
2017-09-29 14:42:18 2629120 ----a-w- C:\WINDOWS\System32\NlsLexicons0009.dll
2017-09-29 14:42:09 1347608 ----a-w- C:\WINDOWS\SysWow64\wmpmde.dll
2017-09-29 14:41:17 6656 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\ndiscap.sys.mui
2017-09-29 14:41:15 11776 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\NdisImPlatform.sys.mui
2017-09-29 14:41:12 3584 ----a-w- C:\WINDOWS\SysWow64\drivers\en-US\wfplwfs.sys.mui
2017-09-29 13:44:26 208384 ----a-w- C:\WINDOWS\SysWow64\msclmd.dll
2017-09-29 13:44:25 229376 ----a-w- C:\WINDOWS\System32\msclmd.dll
2017-09-29 13:42:27 98304 ----a-w- C:\WINDOWS\SysWow64\wlgpclnt.dll
2017-09-29 13:41:58 97792 ----a-w- C:\WINDOWS\System32\wshext.dll
2017-09-29 13:40:59 96768 ----a-w- C:\WINDOWS\System32\drivers\drmk.sys
2017-09-29 08:45:15 118272 ----a-w- C:\WINDOWS\SysWow64\poqexec.exe
2017-09-29 08:45:14 141312 ----a-w- C:\WINDOWS\System32\poqexec.exe
2017-09-29 08:45:12 847768 ----a-w- C:\WINDOWS\System32\SmiEngine.dll
2017-09-29 08:45:12 774552 ----a-w- C:\WINDOWS\System32\NetSetupEngine.dll
2017-09-29 08:45:12 244632 ----a-w- C:\WINDOWS\System32\wdscore.dll
2017-09-29 08:45:12 206848 ----a-w- C:\WINDOWS\System32\PkgMgr.exe
2017-09-29 08:45:12 143256 ----a-w- C:\WINDOWS\System32\NetSetupApi.dll
2017-09-29 08:45:12 134552 ----a-w- C:\WINDOWS\System32\SSShim.dll
2017-09-29 08:45:12 109568 ----a-w- C:\WINDOWS\System32\NetDriverInstall.dll
2017-09-28 21:38:00 2035096 ----a-w- C:\WINDOWS\System32\wmpmde.dll
2017-09-28 21:23:00 285176 ----a-w- C:\WINDOWS\System32\wmpeffects.dll
2017-09-28 21:21:00 387408 ----a-w- C:\WINDOWS\System32\wmpps.dll
2017-09-28 20:49:00 250208 ----a-w- C:\WINDOWS\SysWow64\wmpeffects.dll
2017-09-28 20:49:00 153088 ----a-w- C:\WINDOWS\SysWow64\wmpps.dll
2017-09-28 19:05:00 7168 ----a-w- C:\WINDOWS\System32\msdxm.ocx
2017-09-28 19:05:00 7168 ----a-w- C:\WINDOWS\System32\dxmasf.dll
2017-09-28 19:05:00 2560 ----a-w- C:\WINDOWS\System32\wmerror.dll
2017-09-28 19:05:00 2560 ----a-w- C:\WINDOWS\System32\SyncRes.dll
2017-09-28 19:05:00 16384 ----a-w- C:\WINDOWS\System32\APHostRes.dll
2017-09-28 19:05:00 11264 ----a-w- C:\WINDOWS\System32\spwmp.dll
2017-09-28 19:04:00 90624 ----a-w- C:\WINDOWS\System32\InternetMailCsp.dll
2017-09-28 19:04:00 62464 ----a-w- C:\WINDOWS\System32\SyncProxy.dll
2017-09-28 19:04:00 58880 ----a-w- C:\WINDOWS\System32\InprocLogger.dll
2017-09-28 19:04:00 216576 ----a-w- C:\WINDOWS\System32\wmpdxm.dll
2017-09-28 19:04:00 175616 ----a-w- C:\WINDOWS\System32\MCCSEngineShared.dll
2017-09-28 19:04:00 13824 ----a-w- C:\WINDOWS\System32\EasPolicyManagerBrokerPS.dll
2017-09-28 19:03:00 96256 ----a-w- C:\WINDOWS\System32\ActiveSyncCsp.dll
2017-09-28 19:03:00 8962560 ----a-w- C:\WINDOWS\System32\wmploc.DLL
2017-09-28 19:03:00 70656 ----a-w- C:\WINDOWS\System32\APHostClient.dll
2017-09-28 19:03:00 20480 ----a-w- C:\WINDOWS\System32\MCCSPal.dll
2017-09-28 19:03:00 137216 ----a-w- C:\WINDOWS\System32\networkhelper.dll
2017-09-28 19:03:00 127488 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2017-09-28 19:02:00 742912 ----a-w- C:\WINDOWS\System32\internetmail.dll
2017-09-28 19:02:00 559104 ----a-w- C:\WINDOWS\System32\quickassist.exe
2017-09-28 19:02:00 268800 ----a-w- C:\WINDOWS\System32\accountaccessor.dll
2017-09-28 19:02:00 257024 ----a-w- C:\WINDOWS\System32\unregmp2.exe
2017-09-28 19:01:00 404480 ----a-w- C:\WINDOWS\System32\DavSyncProvider.dll
2017-09-28 19:01:00 369664 ----a-w- C:\WINDOWS\System32\APHostService.dll
2017-09-28 19:00:00 64000 ----a-w- C:\WINDOWS\System32\EASPolicyManagerBrokerHost.exe
2017-09-28 19:00:00 434176 ----a-w- C:\WINDOWS\System32\AccountsRt.dll
2017-09-28 18:59:00 624128 ----a-w- C:\WINDOWS\System32\SyncController.dll
2017-09-28 18:59:00 393216 ----a-w- C:\WINDOWS\System32\syncutil.dll
2017-09-28 18:56:00 1777664 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll
2017-09-28 18:45:00 5632 ----a-w- C:\WINDOWS\SysWow64\msdxm.ocx
2017-09-28 18:45:00 5632 ----a-w- C:\WINDOWS\SysWow64\dxmasf.dll
2017-09-28 18:44:00 9216 ----a-w- C:\WINDOWS\SysWow64\spwmp.dll
2017-09-28 18:44:00 2560 ----a-w- C:\WINDOWS\SysWow64\wmerror.dll
2017-09-28 18:44:00 2560 ----a-w- C:\WINDOWS\SysWow64\SyncRes.dll
2017-09-28 18:43:00 8962560 ----a-w- C:\WINDOWS\SysWow64\wmploc.DLL
2017-09-28 18:43:00 48640 ----a-w- C:\WINDOWS\SysWow64\SyncProxy.dll
2017-09-28 18:43:00 174080 ----a-w- C:\WINDOWS\SysWow64\wmpdxm.dll
2017-09-28 18:42:00 48640 ----a-w- C:\WINDOWS\SysWow64\APHostClient.dll
2017-09-28 18:42:00 459264 ----a-w- C:\WINDOWS\SysWow64\quickassist.exe
2017-09-28 18:42:00 147968 ----a-w- C:\WINDOWS\SysWow64\MCCSEngineShared.dll
2017-09-28 18:42:00 117248 ----a-w- C:\WINDOWS\SysWow64\networkhelper.dll
2017-09-28 18:42:00 102912 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2017-09-28 18:41:00 348160 ----a-w- C:\WINDOWS\SysWow64\DavSyncProvider.dll
2017-09-28 18:41:00 217088 ----a-w- C:\WINDOWS\SysWow64\unregmp2.exe
2017-09-28 18:40:00 524800 ----a-w- C:\WINDOWS\SysWow64\SyncController.dll
2017-09-28 18:40:00 215552 ----a-w- C:\WINDOWS\SysWow64\accountaccessor.dll
2017-09-28 18:39:00 363520 ----a-w- C:\WINDOWS\SysWow64\AccountsRt.dll
2017-09-28 18:39:00 330240 ----a-w- C:\WINDOWS\SysWow64\syncutil.dll
2017-09-28 18:35:00 1546752 ----a-w- C:\WINDOWS\SysWow64\ActiveSyncProvider.dll
2017-09-28 17:20:00 44032 ----a-w- C:\WINDOWS\System32\msdxm.tlb
2017-09-28 17:20:00 18944 ----a-w- C:\WINDOWS\System32\amcompat.tlb
2017-09-28 17:03:00 44032 ----a-w- C:\WINDOWS\SysWow64\msdxm.tlb
.
============= FINISH: 15:38:00.33 ===============