Channel: Tech Support Forum - Virus/Trojan/Spyware Help

Weird Noises in Background (Adware?)

I am hearing weird noises in the background (Noises, Words, Songs, Provocative Sounds) - assuming some sort of Adware. The noises can be heard by other people if I am chatting with them on Discord or other telecommunication software. When the noises come on, my CPU usage spikes and memory spikes.

I have backed up my device.

Logs:

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1 BrowserJavaVersion: 11.172.2
Run by tj2792 at 15:28:32 on 2018-06-17
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.8083.4007 [GMT -4:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s lmhosts
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s hidserv
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s NcdAutoSetup
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe
C:\WINDOWS\SysWOW64\nlssrv32.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
C:\Windows\system32\IProsetMonitor.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe
C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHeciSvc.exe
c:\windows\system32\svchost.exe -k netsvcs
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s Netman
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\sihost.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\WINDOWS\system32\ctfmon.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxEM.exe
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.9328.1700.0_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18041.14611.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\NVIDIA Corporation\ShadowPlay\nvsphelper64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA Share.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s WdiSystemHost
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Steam\SteamService.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Users\tj2792\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe
C:\Users\tj2792\AppData\Roaming\Spotify\SpotifyWebHelper.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe
C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\IPC\AdobeIPCBroker.exe
C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ADS\Adobe Desktop Service.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
C:\Program Files (x86)\WOMic\WOMicClient.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CoreSync\CoreSync.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\CCXProcess.exe
C:\Program Files (x86)\Adobe\Adobe Creative Cloud\CCXProcess\libs\node.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\HEX\Adobe CEF Helper.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k netsvcs -p
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe
C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k SDRSVC
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\System32\svchost.exe -k swprv
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Windows\System32\smartscreen.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s wcncsvc
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p -s NgcCtnrSvc
svchost.exe
C:\WINDOWS\SysWOW64\NOTEPAD.EXE
C:\WINDOWS\system32\svchost.exe -k LocalService -p -s fdPHost
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\ssv.dll
BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\Office16\GROOVEEX.DLL
BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_172\bin\jp2ssv.dll
uRun: [OneDrive] "C:\Users\tj2792\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
uRun: [Spotify] C:\Users\tj2792\AppData\Roaming\Spotify\Spotify.exe --autostart --minimized
uRun: [Spotify Web Helper] C:\Users\tj2792\AppData\Roaming\Spotify\SpotifyWebHelper.exe --autostart
mRun: [Adobe Creative Cloud] "C:\Program Files (x86)\Adobe\Adobe Creative Cloud\ACC\Creative Cloud.exe" --showwindow=false --onOSstartup=true
mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
StartupFolder: C:\Users\tj2792\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SENDTO~1.LNK - C:\Program Files (x86)\Microsoft Office\root\Office16\ONENOTEM.EXE
StartupFolder: C:\Users\tj2792\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\WOMICC~1.LNK - C:\Program Files (x86)\WOMic\WOMicClient.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{063abb76-96e9-4438-86b9-145718dc3de8} : DHCPNameServer = 75.75.75.75 75.75.76.76
TCP: Interfaces\{5e7397a3-4469-42f4-8aa8-ef6727a92a79} : DHCPNameServer = 75.75.75.75 75.75.76.76
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Lync Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Microsoft OneDrive for Business Browser Helper: {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\GROOVEEX.DLL
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe" -s
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-Run: [WindowsDefender] "C:\Program Files (x86)\Windows Defender\MSASCuiL.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\67.0.3396.87\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2016-8-22 1455552]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-4-11 72232]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 MpKsl7ea685a9;MpKsl7ea685a9;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60E5F31C-20B4-4A07-AD5B-279502237159}\MpKsl7ea685a9.sys [2018-6-17 58120]
R1 ZAM_Guard;ZAM Guard Driver;C:\WINDOWS\System32\drivers\zamguard64.sys [2018-6-16 203680]
R2 AdobeUpdateService;AdobeUpdateService;C:\Program Files (x86)\Common Files\Adobe\Adobe Desktop Common\ElevationManager\AdobeUpdateService.exe [2017-6-4 814688]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2321384]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-9-26 2128872]
R2 asComSvc;ASUS Com Service;C:\Program Files (x86)\ASUS\AXSP\1.02.00\atkexComSvc.exe [2016-8-22 936728]
R2 AsSysCtrlService;ASUS System Control Service;C:\Program Files (x86)\ASUS\AsSysCtrlService\1.00.22\AsSysCtrlService.exe [2016-8-22 1360016]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_85cbe;Connected Devices Platform User Service_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-4-11 414208]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2016-3-3 7761584]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 cplspcon;Intel(R) Content Protection HDCP Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\IntelCpHDCPSvc.exe [2017-7-31 605296]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_f507e86e308a4c50\igfxCUIService.exe [2017-7-31 407152]
R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2015-5-7 272352]
R2 isaHelperSvc;Intel(R) Security Assist Helper;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-5-19 7680]
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [2015-7-11 223520]
R2 nlsx86cc;Nalpeiron Licensing Service;C:\Windows\SysWOW64\nlssrv32.exe [2018-2-17 70768]
R2 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-11-25 522688]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2017-5-19 764896]
R2 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2017-4-7 469952]
R2 OneSyncSvc_85cbe;Sync Host_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-4-11 761440]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_85cbe;Windows Push Notifications User Service_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
R3 asmthub3;ASMedia USB3 Hub Service;C:\WINDOWS\System32\drivers\asmthub3.sys [2015-6-5 149240]
R3 asmtxhci;ASMEDIA XHCI Service;C:\WINDOWS\System32\drivers\asmtxhci.sys [2015-6-5 442104]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\WINDOWS\System32\drivers\e1d65x64.sys [2016-4-19 559080]
R3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2017-5-11 825344]
R3 iwdbus;IWD Bus Enumerator;C:\WINDOWS\System32\drivers\iwdbus.sys [2015-12-7 39920]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2018-3-18 59240]
R3 nvvhci;NVVHCI Enumerator Service;C:\WINDOWS\System32\drivers\nvvhci.sys [2018-5-27 68112]
R3 PimIndexMaintenanceSvc_85cbe;Contact Data_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
R3 UnistoreSvc_85cbe;User Data Storage_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_85cbe;User Data Access_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-5-31 61992]
R3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\NisSrv.exe [2018-5-31 4682552]
R3 wovad_micarray;WO Mic Device;C:\WINDOWS\System32\drivers\womic.sys [2017-5-21 37984]
RUnknown aswArPot;aswArPot; [x]
RUnknown aswbidsdriver;aswbidsdriver; [x]
RUnknown aswbidsh;aswbidsh; [x]
RUnknown aswblog;aswblog; [x]
RUnknown aswbuniv;aswbuniv; [x]
RUnknown aswHdsKe;aswHdsKe; [x]
RUnknown aswMonFlt;aswMonFlt; [x]
RUnknown aswRvrt;aswRvrt; [x]
RUnknown aswSnx;aswSnx; [x]
RUnknown aswSP;aswSP; [x]
RUnknown aswVmm;aswVmm; [x]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 BcastDVRUserService_85cbe;GameDVR and Broadcast User Service_85cbe;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 BEService;BattlEye Service;C:\Program Files (x86)\Common Files\BattlEye\BEService.exe [2017-9-30 6875688]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_85cbe;Bluetooth User Support Service_85cbe;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
S3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevicePickerUserSvc_85cbe;DevicePicker_85cbe;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevicesFlowUserSvc_85cbe;DevicesFlow_85cbe;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-4-11 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EasyAntiCheat;EasyAntiCheat;C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [2018-3-30 775296]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface;C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [2015-5-22 881152]
S3 Intel(R) Security Assist;Intel(R) Security Assist;C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-5-19 335872]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_85cbe;MessagingService_85cbe;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-11-25 522688]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2018-4-8 31168]
S3 PAExec;PAExec;C:\Windows\PAExec.exe -service --> C:\Windows\PAExec.exe -service [?]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_85cbe;PrintWorkflow_85cbe;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-6-12 1921952]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-6-12 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-4-11 128416]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-5-27 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-4-11 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-4-11 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-4-11 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-4-11 292864]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
SUnknown aswbIDSAgent;aswbIDSAgent; [x]
SUnknown aswHwid;aswHwid; [x]
SUnknown aswStm;aswStm; [x]
SUnknown avast! Antivirus;avast! Antivirus; [x]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-06-17 19:24:35 58120 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60E5F31C-20B4-4A07-AD5B-279502237159}\MpKsl7ea685a9.sys
2018-06-17 19:24:02 14600328 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{60E5F31C-20B4-4A07-AD5B-279502237159}\mpengine.dll
2018-06-17 18:50:04 -------- d-----w- C:\Program Files (x86)\Common Files\Oracle
2018-06-17 18:45:39 -------- d-----w- C:\Program Files\AVAST Software
2018-06-17 18:45:21 -------- d-----w- C:\ProgramData\AVAST Software
2018-06-16 21:56:25 14600328 ------w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-06-16 21:44:57 203680 ----a-w- C:\WINDOWS\System32\drivers\zamguard64.sys
2018-06-16 21:44:56 -------- d-----w- C:\Program Files (x86)\Zemana AntiMalware
2018-06-16 21:44:42 -------- d-----w- C:\Users\tj2792\AppData\Local\Zemana
2018-06-16 21:34:42 -------- d-----w- C:\Program Files\Malwarebytes
2018-06-13 02:49:01 7520000 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2018-06-13 02:49:01 6569960 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-06-13 02:49:00 25846784 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-06-01 01:09:17 95128 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Platform\4.16.17656.18052-0\X86\MpAsDesc.dll
2018-05-28 23:50:12 -------- d-----w- C:\Users\tj2792\AppData\Local\D3DSCache
2018-05-28 23:49:59 -------- d-----w- C:\ProgramData\Microsoft OneDrive
2018-05-28 23:48:23 -------- d-sh--we C:\ProgramData\Documents
2018-05-28 23:46:10 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\good
2018-05-28 23:46:10 -------- d-----w- C:\WINDOWS\System32\wbem\MOF\bad
2018-05-28 23:42:48 552480 ----a-w- C:\WINDOWS\System32\OpenCL.DLL
2018-05-28 23:42:48 456608 ----a-w- C:\WINDOWS\SysWow64\OpenCL.DLL
2018-05-28 23:42:16 -------- d-----w- C:\WINDOWS\System32\wbem\MOF
2018-05-28 23:42:07 -------- d-----w- C:\WINDOWS\System32\SleepStudy
2018-05-27 20:09:29 -------- d-----w- C:\WINDOWS\System32\Microsoft
2018-05-27 20:09:29 -------- d-----w- C:\WINDOWS\ServiceProfiles
2018-05-27 20:02:55 581120 ----a-w- C:\WINDOWS\SysWow64\hhctrl.ocx
2018-05-27 19:49:20 778936 ----a-w- C:\WINDOWS\SysWow64\PresentationNative_v0300.dll
2018-05-27 19:49:19 35456 ----a-w- C:\WINDOWS\SysWow64\TsWpfWrp.exe
2018-05-27 19:49:19 103120 ----a-w- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
2018-05-27 19:49:18 124624 ----a-w- C:\WINDOWS\System32\PresentationCFFRasterizerNative_v0300.dll
2018-05-27 19:49:17 1166520 ----a-w- C:\WINDOWS\System32\PresentationNative_v0300.dll
2018-05-27 19:49:15 35456 ----a-w- C:\WINDOWS\System32\TsWpfWrp.exe
2018-05-27 19:47:32 3398144 ----a-w- C:\WINDOWS\SysWow64\xpsrchvw.exe
2018-05-27 19:47:31 575488 ----a-w- C:\WINDOWS\SysWow64\XpsFilt.dll
2018-05-27 19:47:30 82432 ----a-w- C:\WINDOWS\SysWow64\XPSSHHDR.dll
2018-05-27 19:47:30 100352 ----a-w- C:\WINDOWS\System32\XPSSHHDR.dll
2018-05-27 19:47:29 4492288 ----a-w- C:\WINDOWS\System32\xpsrchvw.exe
2018-05-27 19:47:28 925696 ----a-w- C:\WINDOWS\System32\XpsFilt.dll
2018-05-27 19:21:30 -------- d-----w- C:\.jagex_cache_32
2018-05-27 19:10:20 -------- d-----w- C:\Program Files (x86)\VulkanRT
2018-05-27 18:55:46 -------- dc----w- C:\WINDOWS\Panther
.
==================== Find3M ====================
.
2018-06-17 18:50:00 98760 ----a-w- C:\WINDOWS\SysWow64\WindowsAccessBridge-32.dll
2018-06-13 02:50:41 133315992 -c--a-w- C:\WINDOWS\System32\MRT-KB890830.exe
2018-06-08 19:07:06 506184 ----a-w- C:\WINDOWS\System32\systemreset.exe
2018-06-08 19:05:19 94112 ----a-w- C:\WINDOWS\System32\rdpudd.dll
2018-06-08 19:02:55 661160 ----a-w- C:\WINDOWS\System32\GenValObj.exe
2018-06-08 19:02:48 4527680 ----a-w- C:\WINDOWS\System32\sppsvc.exe
2018-06-08 19:02:19 1634808 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-06-08 19:01:11 1046944 ----a-w- C:\WINDOWS\System32\ReAgent.dll
2018-06-08 18:48:47 64000 ----a-w- C:\WINDOWS\System32\iemigplugin.dll
2018-06-08 18:47:25 144384 ----a-w- C:\WINDOWS\System32\drivers\mrxdav.sys
2018-06-08 18:46:37 584192 ----a-w- C:\WINDOWS\System32\UIRibbonRes.dll
2018-06-08 18:45:54 4392448 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2018-06-08 18:45:53 808960 ----a-w- C:\WINDOWS\System32\MBR2GPT.EXE
2018-06-08 18:45:39 1560576 ----a-w- C:\WINDOWS\System32\msdt.exe
2018-06-08 18:44:44 285184 ----a-w- C:\WINDOWS\System32\wlidcredprov.dll
2018-06-08 18:44:40 340992 ----a-w- C:\WINDOWS\System32\AcGenral.dll
2018-06-08 18:44:27 625152 ----a-w- C:\WINDOWS\System32\BootMenuUX.dll
2018-06-08 18:44:03 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-06-08 18:43:24 1719808 ----a-w- C:\WINDOWS\System32\dui70.dll
2018-06-08 18:43:20 1659904 ----a-w- C:\WINDOWS\System32\XpsPrint.dll
2018-06-08 18:43:15 2922496 ----a-w- C:\WINDOWS\System32\Windows.UI.Logon.dll
2018-06-08 18:43:11 3640832 ----a-w- C:\WINDOWS\System32\mstsc.exe
2018-06-08 18:43:06 1543680 ----a-w- C:\WINDOWS\System32\msdtctm.dll
2018-06-08 18:43:05 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-06-08 18:42:57 1605632 ----a-w- C:\WINDOWS\System32\rdpcorets.dll
2018-06-08 18:42:50 3999232 ----a-w- C:\WINDOWS\System32\UIRibbon.dll
2018-06-08 18:42:39 3653120 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-06-08 18:42:21 2084864 ----a-w- C:\WINDOWS\System32\inetcpl.cpl
2018-06-08 18:42:01 503296 ----a-w- C:\WINDOWS\System32\sppcext.dll
2018-06-08 18:41:45 878080 ----a-w- C:\WINDOWS\System32\CPFilters.dll
2018-06-08 18:41:22 182272 ----a-w- C:\WINDOWS\System32\easwrt.dll
2018-06-08 18:41:13 577024 ----a-w- C:\WINDOWS\System32\SppExtComObj.Exe
2018-06-08 18:41:06 2019840 ----a-w- C:\WINDOWS\System32\ResetEngine.dll
2018-06-08 18:41:02 1180672 ----a-w- C:\WINDOWS\System32\reseteng.dll
2018-06-08 18:40:48 465920 ----a-w- C:\WINDOWS\System32\DXP.dll
2018-06-08 17:04:16 1454024 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-06-08 16:58:40 917408 ----a-w- C:\WINDOWS\SysWow64\ReAgent.dll
2018-06-08 16:50:10 1508352 ----a-w- C:\WINDOWS\SysWow64\msdt.exe
2018-06-08 16:47:51 231936 ----a-w- C:\WINDOWS\SysWow64\wlidcredprov.dll
2018-06-08 16:47:50 1032704 ----a-w- C:\WINDOWS\SysWow64\XpsPrint.dll
2018-06-08 16:47:31 2895872 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-06-08 16:47:30 3492864 ----a-w- C:\WINDOWS\SysWow64\UIRibbon.dll
2018-06-08 16:47:19 703488 ----a-w- C:\WINDOWS\SysWow64\CPFilters.dll
2018-06-08 16:47:12 1462784 ----a-w- C:\WINDOWS\SysWow64\dui70.dll
2018-06-08 16:46:55 908288 ----a-w- C:\WINDOWS\SysWow64\TSWorkspace.dll
2018-06-08 16:46:41 2016256 ----a-w- C:\WINDOWS\SysWow64\inetcpl.cpl
2018-06-08 16:46:35 3444224 ----a-w- C:\WINDOWS\SysWow64\mstsc.exe
2018-06-08 16:45:51 2401280 ----a-w- C:\WINDOWS\SysWow64\AcGenral.dll
2018-06-08 16:06:33 976384 ----a-w- C:\WINDOWS\System32\Spectrum.exe
2018-06-08 16:05:59 944640 ----a-w- C:\WINDOWS\System32\Windows.Mirage.Internal.dll
2018-06-08 16:05:24 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-06-08 14:00:19 658432 ----a-w- C:\WINDOWS\SysWow64\Windows.Mirage.Internal.dll
2018-06-08 14:00:16 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-06-08 10:38:23 5821544 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2018-06-08 10:37:27 2417840 ----a-w- C:\WINDOWS\SysWow64\d3d11.dll
2018-06-08 10:35:52 613144 ----a-w- C:\WINDOWS\SysWow64\dxgi.dll
2018-06-08 10:35:09 1613200 ----a-w- C:\WINDOWS\System32\D3D12.dll
2018-06-08 10:34:40 748512 ----a-w- C:\WINDOWS\System32\dxgi.dll
2018-06-08 10:34:21 1299056 ----a-w- C:\WINDOWS\SysWow64\D3D12.dll
2018-06-08 10:31:54 3180176 ----a-w- C:\WINDOWS\System32\d3d11.dll
2018-06-08 10:31:39 7900984 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2018-06-08 10:31:08 29600 ----a-w- C:\WINDOWS\System32\drivers\uefi.sys
2018-06-08 10:30:11 705440 ----a-w- C:\WINDOWS\System32\drivers\vhdmp.sys
2018-06-08 09:34:40 1140576 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-06-08 09:34:11 983016 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-06-08 09:33:58 1034632 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-06-08 09:33:53 1213368 ----a-w- C:\WINDOWS\System32\ClipUp.exe
2018-06-08 09:33:24 272296 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-06-08 09:33:22 269224 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-06-08 09:31:16 226720 ----a-w- C:\WINDOWS\System32\drivers\Ucx01000.sys
2018-06-08 09:31:07 1012640 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-06-08 09:31:00 1174432 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-06-08 09:29:47 1026976 ----a-w- C:\WINDOWS\System32\drivers\http.sys
2018-06-08 09:12:12 786176 ----a-w- C:\WINDOWS\SysWow64\rpcrt4.dll
2018-06-08 09:12:04 861616 ----a-w- C:\WINDOWS\SysWow64\msmpeg2adec.dll
2018-06-08 09:11:59 550616 ----a-w- C:\WINDOWS\SysWow64\mf.dll
2018-06-08 09:11:05 1461744 ----a-w- C:\WINDOWS\SysWow64\twinapi.appcore.dll
2018-06-08 09:10:39 97176 ----a-w- C:\WINDOWS\SysWow64\bcrypt.dll
2018-06-08 09:10:35 2479272 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2018-06-08 09:10:32 880152 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2018-06-08 09:10:31 457152 ----a-w- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
2018-06-08 09:10:30 1988072 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-06-08 09:10:25 2331584 ----a-w- C:\WINDOWS\SysWow64\msmpeg2vdec.dll
2018-06-08 09:10:19 1397200 ----a-w- C:\WINDOWS\SysWow64\MSVP9DEC.dll
2018-06-08 09:10:09 2307336 ----a-w- C:\WINDOWS\SysWow64\WMVDECOD.DLL
2018-06-08 09:10:03 1011992 ----a-w- C:\WINDOWS\SysWow64\AudioSes.dll
2018-06-08 09:04:02 4706816 ----a-w- C:\WINDOWS\System32\cdp.dll
2018-06-08 09:03:35 22005760 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-06-08 09:03:34 38400 ----a-w- C:\WINDOWS\System32\Windows.StateRepositoryCore.dll
2018-06-08 09:03:14 32256 ----a-w- C:\WINDOWS\System32\drivers\mskssrv.sys
2018-06-08 09:03:12 185344 ----a-w- C:\WINDOWS\System32\InstallServiceTasks.dll
2018-06-08 09:03:07 906752 ----a-w- C:\WINDOWS\System32\Windows.Globalization.PhoneNumberFormatting.dll
2018-06-08 09:02:51 96768 ----a-w- C:\WINDOWS\System32\usoapi.dll
2018-06-08 09:02:35 59904 ----a-w- C:\WINDOWS\System32\edpnotify.exe
2018-06-08 09:02:00 35840 ----a-w- C:\WINDOWS\System32\TokenBrokerCookies.exe
2018-06-08 09:01:56 182272 ----a-w- C:\WINDOWS\System32\BitLockerCsp.dll
2018-06-08 09:01:54 342528 ----a-w- C:\WINDOWS\System32\browserexport.exe
2018-06-08 09:01:46 46080 ----a-w- C:\WINDOWS\System32\tbauth.dll
2018-06-08 09:01:36 46080 ----a-w- C:\WINDOWS\System32\drivers\hidparse.sys
2018-06-08 09:01:30 295424 ----a-w- C:\WINDOWS\System32\FSClient.dll
.
============= FINISH: 15:28:42.52 ===============

Attached Files
File Type: txt Attach.txt (12.0 KB)
