Slow Internet, OpenLoader Ads, and Google Chrome Homepage Redirects

Been having problems recently with Openloader ads popping up every few seconds in my bottom right corner

Having problems with slower internet in general

And my google chrome homepage keeps redirecting to this weird webpage involving PDFs

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.17134.1
Run by willz at 19:42:23 on 2018-10-11
Microsoft Windows 10 Pro 10.0.17134.0.1252.1.1033.18.7851.3532 [GMT -4:00]
.
AV: Avira Antivirus *Enabled/Updated* {B3F630BD-538D-1B4A-14FA-14B63235278F}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Avira Antivirus *Enabled/Updated* {0897D159-75B7-14C4-2E4A-2FC449B26D32}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
c:\windows\system32\svchost.exe -k dcomlaunch -p -s PlugPlay
C:\WINDOWS\system32\fontdrvhost.exe
C:\WINDOWS\system32\svchost.exe -k DcomLaunch -p
C:\Windows\System32\WUDFHost.exe
c:\windows\system32\svchost.exe -k rpcss -p
c:\windows\system32\svchost.exe -k dcomlaunch -p -s LSM
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\fontdrvhost.exe
c:\windows\system32\svchost.exe -k localservice -p -s BthAvctpSvc
c:\windows\system32\svchost.exe -k localservice -p -s bthserv
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NcbService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s TimeBrokerSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s NgcSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SensorService
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s EventLog
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s BTAGService
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DeviceAssociationService
C:\WINDOWS\system32\dwm.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s ProfSvc
c:\windows\system32\svchost.exe -k appmodel -p -s camsvc
c:\windows\system32\svchost.exe -k netsvcs -p -s lfsvc
c:\windows\system32\svchost.exe -k localservice -p -s nsi
c:\windows\system32\svchost.exe -k netsvcs -p -s UserManager
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s Dhcp
C:\WINDOWS\system32\ibmpmsvc.exe
C:\WINDOWS\system32\LPlatSvc.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s SysMain
c:\windows\system32\svchost.exe -k netsvcs -p -s Themes
c:\windows\system32\svchost.exe -k localservice -p -s EventSystem
C:\WINDOWS\system32\LPlatSvc.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s Schedule
c:\windows\system32\svchost.exe -k networkservice -p -s NlaSvc
c:\windows\system32\svchost.exe -k localservice -p -s PhoneSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s SENS
c:\windows\system32\svchost.exe -k localservice -p -s netprofm
C:\WINDOWS\system32\igfxCUIService.exe
c:\windows\system32\svchost.exe -k localservice -p -s FontCache
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s AudioEndpointBuilder
C:\WINDOWS\system32\svchost.exe -k LocalService -p
c:\windows\system32\svchost.exe -k netsvcs -p -s Winmgmt
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TabletInputService
C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
c:\windows\system32\svchost.exe -k networkservice -p -s Dnscache
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted -p
c:\windows\system32\svchost.exe -k appmodel -p -s StateRepository
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s WinHttpAutoProxySvc
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted -p
c:\windows\system32\svchost.exe -k netsvcs -p -s ShellHWDetection
C:\WINDOWS\System32\spoolsv.exe
c:\windows\system32\svchost.exe -k localservicenonetwork -p
C:\Program Files (x86)\Avira\Antivirus\sched.exe
c:\windows\system32\svchost.exe -k networkservice -p -s LanmanWorkstation
C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe
C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe
C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe
C:\Program Files (x86)\Avira\Antivirus\avguard.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe
C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe
C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe
c:\windows\system32\svchost.exe -k networkservice -p -s CryptSvc
C:\WINDOWS\System32\svchost.exe -k utcsvc -p
c:\windows\system32\svchost.exe -k localservicenonetwork -p -s DPS
C:\WINDOWS\system32\ibtsiva.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s iphlpsvc
C:\ProgramData\KMSAutoS\bin\KMSSS.exe
C:\Program Files\LENOVO\HOTKEY\MICMUTE.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s LanmanServer
c:\windows\system32\svchost.exe -k localservice -p -s SstpSvc
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
C:\Program Files\LENOVO\HOTKEY\TPHKLOAD.exe
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s TrkWks
C:\Program Files (x86)\Popcorn Time\Updater.exe
C:\WINDOWS\system32\valWbioSyncSvc.exe
C:\WINDOWS\system32\valWBFPolicyService.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s WpnService
c:\windows\system32\svchost.exe -k localservice -p -s WdiServiceHost
c:\windows\system32\svchost.exe -k netsvcs
C:\WINDOWS\system32\wbem\wmiprvse.exe
c:\windows\system32\svchost.exe -k networkservicenetworkrestricted -p -s PolicyAgent
C:\WINDOWS\system32\AUDIODG.EXE
c:\windows\system32\svchost.exe -k netsvcs -p -s Browser
C:\WINDOWS\system32\wbem\unsecapp.exe
C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
C:\Program Files\Synaptics\SynFp\Shared\SensorDBSynch.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPNUMLKD.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
c:\windows\system32\sihost.exe
C:\PROGRA~1\Lenovo\HOTKEY\TPOSD.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s CDPUserSvc
C:\PROGRA~1\Lenovo\HOTKEY\SHTCTKY.EXE
C:\PROGRA~1\Lenovo\HOTKEY\DFRCTL.EXE
c:\windows\system32\svchost.exe -k unistacksvcgroup -s WpnUserService
c:\windows\system32\taskhostw.exe
C:\Program Files\Synaptics\SynTP\SynTPLpr.exe
C:\Program Files\Synaptics\SynTP\SynLenovoHelper.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s TokenBroker
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s PcaSvc
c:\windows\system32\svchost.exe -k netsvcs -p -s Appinfo
C:\WINDOWS\system32\igfxEM.exe
C:\WINDOWS\system32\igfxHK.exe
C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
C:\WINDOWS\Explorer.EXE
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s NgcCtnrSvc
c:\windows\system32\svchost.exe -k localservice -p -s CDPSvc
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Windows\System32\RuntimeBroker.exe
c:\windows\system32\svchost.exe -k localservice -p -s LicenseManager
C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.210.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\WindowsApps\Microsoft.MicrosoftOfficeHub_17.10314.31700.1000_x64__8wekyb3d8bbwe\Office16\OfficeHubTaskHost.exe
C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.10311.0_x64__8wekyb3d8bbwe\Video.UI.exe
C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\Avira\VPN\Avira.WebAppHost.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
c:\windows\system32\svchost.exe -k unistacksvcgroup
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\iTunes\iTunesHelper.exe
C:\Users\willz\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Users\willz\AppData\Roaming\uTorrent\uTorrent.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\DAEMON Tools Lite\DTAgent.exe
C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
C:\Users\willz\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
C:\Users\willz\AppData\Roaming\uTorrent\updates\3.5.4_44632\utorrentie.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
C:\Program Files\Google\Drive\googledrivesync.exe
C:\Program Files (x86)\Gyazo\GyStation.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe
C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\crashpad_handler.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe
C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\acrotray.exe
c:\windows\system32\svchost.exe -k localserviceandnoimpersonation -p -s SSDPSRV
C:\Program Files\CCleaner\CCleaner64.exe
C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
c:\windows\system32\svchost.exe -k netsvcs -p
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -p -s wscsvc
c:\windows\system32\svchost.exe -k networkservice -p -s DoSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s StorSvc
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18081.14710.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
C:\Windows\System32\RuntimeBroker.exe
C:\WINDOWS\system32\ApplicationFrameHost.exe
C:\Program Files\WindowsApps\Microsoft.WindowsStore_11809.1001.8.0_x64__8wekyb3d8bbwe\WinStore.App.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1808.2461.0_x64__8wekyb3d8bbwe\Calculator.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s BITS
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s wlidsvc
C:\Program Files\Common Files\microsoft shared\ink\TabTip.exe
c:\windows\system32\svchost.exe -k devicesflow -s DevicesFlowUserSvc
c:\windows\system32\svchost.exe -k devicesflow -s DevicePickerUserSvc
C:\Windows\System32\SystemSettingsBroker.exe
c:\windows\system32\svchost.exe -k localservicenetworkrestricted -s RmSvc
c:\windows\system32\svchost.exe -k localsystemnetworkrestricted -p -s DsSvc
C:\Program Files (x86)\Avira\Safe Shopping\Avira Safe Shopping.exe
c:\windows\system32\svchost.exe -k netsvcs -p -s seclogon
C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p -s WdiSystemHost
C:\WINDOWS\system32\svchost.exe -k netsvcs -p -s gpsvc
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p -s lmhosts
C:\WINDOWS\system32\LPlatSvc.exe
C:\Windows\System32\smartscreen.exe
c:\windows\system32\taskhostw.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
C:\WINDOWS\system32\SearchProtocolHost.exe
C:\WINDOWS\system32\SearchFilterHost.exe
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uLocal Page = %11%\blank.htm
uDefault_Page_URL = MSN | Outlook, Office, Skype, Bing, Breaking News, and Latest Videos
BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\AcroIEFavClient.dll
uRun: [OneDrive] "C:\Users\willz\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [uTorrent] "C:\Users\willz\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
uRun: [DAEMON Tools Lite Automount] "C:\Program Files\DAEMON Tools Lite\DTAgent.exe" -autorun
uRun: [GoogleDriveSync] "C:\Program Files\Google\Drive\googledrivesync.exe" /autostart
uRun: [Gyazo] C:\Program Files (x86)\Gyazo\GyStation.exe
uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
uRun: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe
uRun: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe
uRun: [GoogleDriveFS] "C:\Program Files\Google\Drive File Stream\27.1.49.1806\GoogleDriveFS.exe"
uRun: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
mRun: [Acrobat Assistant 8.0] "C:\Program Files (x86)\Adobe\Acrobat 11.0\Acrobat\Acrotray.exe"
mRun: [Avira SystrayStartTrigger] "C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe"
mRun: [Avira System Speedup User Starter] "C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe"
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: EnableFullTrustStartupTasks = dword:2
mPolicies-System: EnableUwpStartupTasks = dword:2
mPolicies-System: SupportFullTrustStartupTasks = dword:1
mPolicies-System: SupportUwpStartupTasks = dword:1
mPolicies-System: FilterAdministratorToken = dword:1
IE: E&xport to Microsoft Excel - C:\Program Files (x86)\Microsoft Office\Root\Office16\EXCEL.EXE/3000
IE: Se&nd to OneNote - C:\Program Files (x86)\Microsoft Office\Root\Office16\ONBttnIE.dll/105
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIE.dll
IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\Office16\ONBttnIELinkedNotes.dll
TCP: NameServer = 192.168.1.1
TCP: Interfaces\{9d2b6da9-4e1c-4d69-b0e3-a1acccb21c30} : DHCPNameServer = 172.20.10.1
TCP: Interfaces\{bd83ffd0-76de-4659-b900-e86cd64a0637} : DHCPNameServer = 10.1.5.55 10.1.5.51
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb} : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb}\6496F637D284A5354554 : DHCPNameServer = 192.168.1.1
TCP: Interfaces\{cdfe224f-bd07-46c8-98f2-e36e256027fb}\679667967796C6C6 : DHCPNameServer = 192.168.1.1
Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
SSODL: WebCheck - <orphaned>
LSA: Security Packages = ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Skype for Business Browser Helper: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-BHO: Adobe Acrobat Create PDF Helper: {AE7CD045-E861-484f-8273-0445EE161910} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-BHO: Adobe Acrobat Create PDF from Selection: {F4971EE7-DAA0-4053-9964-665D8EE6A077} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-TB: Adobe Acrobat Create PDF Toolbar: {47833539-D0C5-4125-9FA8-0819E2EAAC93} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\WCIEActiveX\x64\AcroIEFavClient.dll
x64-Run: [SecurityHealth] C:\Program Files (x86)\Windows Defender\MSASCuiL.exe
x64-Run: [AdobeAAMUpdater-1.0] "C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe"
x64-Run: [AdobeGCInvoker-1.0] "C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe"
x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: EnableFullTrustStartupTasks = dword:2
x64-mPolicies-System: EnableUwpStartupTasks = dword:2
x64-mPolicies-System: SupportFullTrustStartupTasks = dword:1
x64-mPolicies-System: SupportUwpStartupTasks = dword:1
x64-mPolicies-System: FilterAdministratorToken = dword:1
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIE.dll
x64-IE: {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\MSOXMLMF.DLL
x64-Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - <orphaned>
x64-Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - <orphaned>
x64-Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - <orphaned>
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
x64-SSODL: WebCheck - <orphaned>
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\69.0.3497.100\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 avdevprot;avdevprot;C:\WINDOWS\System32\drivers\avdevprot.sys [2017-12-4 69656]
R0 avusbflt;avusbflt;C:\WINDOWS\System32\drivers\avusbflt.sys [2017-12-4 38048]
R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2017-11-28 1455552]
R0 IntelHSWPcc;IntelHSWPcc;C:\WINDOWS\System32\drivers\IntelPcc.sys [2017-11-28 88256]
R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2018-4-11 177192]
R0 iorate;Disk I/O Rate Filter Driver;C:\WINDOWS\System32\drivers\iorate.sys [2018-4-11 58272]
R0 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2018-4-11 304032]
R0 SgrmAgent;System Guard Runtime Monitor Agent;C:\WINDOWS\System32\drivers\SgrmAgent.sys [2018-4-11 63896]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2018-4-11 16288]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2018-7-10 72768]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2018-4-11 18472]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2018-4-11 209816]
R1 afunix;afunix;C:\WINDOWS\System32\drivers\afunix.sys [2018-4-11 39424]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2018-4-11 254464]
R1 avkmgr;avkmgr;C:\WINDOWS\System32\drivers\avkmgr.sys [2017-12-4 44488]
R1 bam;Background Activity Moderator Driver;C:\WINDOWS\System32\drivers\bam.sys [2018-4-11 60320]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2018-4-11 55808]
R1 googledrivefs2506;googledrivefs2506;C:\WINDOWS\System32\drivers\googledrivefs2506.sys [2018-9-5 117616]
R1 googledrivefs2534;googledrivefs2534;C:\WINDOWS\System32\drivers\googledrivefs2534.sys [2018-9-25 119760]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2018-4-11 8192]
R1 SMIDriverGen;Synaptics SMI Driver;C:\WINDOWS\System32\drivers\smi.sys [2017-11-28 40176]
R2 AGMService;Adobe Genuine Monitor Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGMService.exe [2018-5-11 2910696]
R2 AGSService;Adobe Genuine Software Integrity Service;C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGSService.exe [2016-3-3 2704872]
R2 AntiVirSchedulerService;Avira Scheduler;C:\Program Files (x86)\Avira\Antivirus\sched.exe [2017-12-4 226000]
R2 AntiVirService;Avira Real-Time Protection;C:\Program Files (x86)\Avira\Antivirus\avguard.exe [2017-12-4 226000]
R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2018-3-29 83768]
R2 avgntflt;avgntflt;C:\WINDOWS\System32\drivers\avgntflt.sys [2017-12-4 179376]
R2 Avira.ServiceHost;Avira Service Host;C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [2018-8-17 436848]
R2 AviraOptimizerHost;Avira Optimizer Host;C:\Program Files (x86)\Avira\Optimizer Host\Avira.OptimizerHost.exe [2018-3-9 2940584]
R2 AviraPhantomVPN;Avira Phantom VPN;C:\Program Files (x86)\Avira\VPN\Avira.VpnService.exe [2018-8-14 338888]
R2 AviraUpdaterService;Avira Updater Service;C:\Program Files (x86)\Avira\SoftwareUpdater\Avira.SoftwareUpdater.ServiceHost.exe [2018-9-20 102816]
R2 avnetflt;avnetflt;C:\WINDOWS\System32\drivers\avnetflt.sys [2017-12-4 88488]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R2 CDPUserSvc_95cd1;Connected Devices Platform User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 CldFlt;Windows Cloud Files Filter Driver;C:\WINDOWS\System32\drivers\cldflt.sys [2018-8-14 414720]
R2 ClickToRunSvc;Microsoft Office Click-to-Run Service;C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe [2017-12-4 9680472]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork -p [2018-4-11 51288]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc -p [2018-4-11 51288]
R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
R2 DusmSvc;Data Usage;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R2 ibtsiva;Intel Bluetooth Service;C:\WINDOWS\System32\ibtsiva --> C:\WINDOWS\System32\ibtsiva [?]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service;C:\WINDOWS\System32\igfxCUIService.exe [2016-11-23 382456]
R2 KMSEmulator;KMS-host Service;C:\ProgramData\KMSAutoS\bin\KMSSS.exe [2017-12-4 301056]
R2 LENOVO.MICMUTE;Lenovo Microphone Mute;C:\Program Files\Lenovo\HOTKEY\micmute.exe [2017-12-5 119584]
R2 LPlatSvc;Lenovo Platform Service;C:\WINDOWS\System32\LPlatSvc.exe [2017-11-28 711248]
R2 MBAMService;Malwarebytes Service;C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [2018-9-16 6541008]
R2 OneSyncSvc_95cd1;Sync Host_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R2 RtkAudioService;Realtek Audio Service;C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [2017-9-1 333296]
R2 SecurityHealthService;Windows Defender Security Center Service;C:\WINDOWS\System32\SecurityHealthService.exe [2018-8-14 760888]
R2 SgrmBroker;System Guard Runtime Monitor Broker;C:\WINDOWS\System32\SgrmBroker.exe [2018-4-11 163336]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2018-4-11 82432]
R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-10-2 259176]
R2 TPHKLOAD;Lenovo Hotkey Client Loader;C:\Program Files\Lenovo\HOTKEY\tphkload.exe [2017-12-5 135456]
R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2017-12-4 339968]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 valWBFPolicyService;Synaptics FP WBF Policy Service;C:\WINDOWS\System32\valWBFPolicyService.exe [2017-11-28 86544]
R2 valWbioSyncSvc;BiometricSensorDataSynchronization;C:\WINDOWS\System32\valWbioSyncSvc.exe [2017-11-28 56848]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2018-4-11 151960]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R2 WpnUserService_95cd1;Windows Push Notifications User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 BTAGService;Bluetooth Audio Gateway Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
R3 BthA2DP;Bluetooth Stereo;C:\WINDOWS\System32\drivers\BthA2DP.sys [2018-4-11 198144]
R3 BthAvctpSvc;AVCTP service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 BthHFAud;Bluetooth Hands-Free;C:\WINDOWS\System32\drivers\BthHfAud.sys [2018-4-11 48640]
R3 BthLEEnum;Bluetooth Low Energy Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys [2018-4-11 86528]
R3 CAD;Charge Arbitration Driver;C:\WINDOWS\System32\drivers\CAD.sys [2018-4-11 60320]
R3 camsvc;Capability Access Manager Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 CM3218x;CM3218x SPB Driver;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
R3 CPLMACPI;Capella Micro CPLMACPI Sensor Filter;C:\WINDOWS\System32\drivers\CPLMACPI.sys [2017-11-28 28136]
R3 DevicePickerUserSvc_95cd1;DevicePicker_95cd1;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
R3 DevicesFlowUserSvc_95cd1;DevicesFlow_95cd1;C:\WINDOWS\System32\svchost.exe -k DevicesFlow [2018-4-11 51288]
R3 Disc Soft Lite Bus Service;Disc Soft Lite Bus Service;C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [2017-8-14 2291904]
R3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 dtlitescsibus;DAEMON Tools Lite Virtual SCSI Bus;C:\WINDOWS\System32\drivers\dtlitescsibus.sys [2017-12-4 30264]
R3 dtliteusbbus;DAEMON Tools Lite Virtual USB Bus;C:\WINDOWS\System32\drivers\dtliteusbbus.sys [2017-12-4 47672]
R3 e1dexpress;Intel(R) PRO/1000 PCI Express Network Connection Driver D;C:\WINDOWS\System32\drivers\e1d64x64.sys [2014-3-14 457496]
R3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2018-4-11 113152]
R3 ibtusb;Intel(R) Wireless Bluetooth(R);C:\WINDOWS\System32\drivers\ibtusb.sys [2017-11-28 231944]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\mbamswissarmy.sys [2018-10-8 259360]
R3 Microsoft_Bluetooth_AvrcpTransport;Microsoft Bluetooth Avrcp Transport Driver;C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys [2018-4-11 46592]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2018-4-11 20992]
R3 NETwNb64;Intel(R) Wireless Adapter Driver for Windows 8.1 - 64 Bit;C:\WINDOWS\System32\drivers\Netwbw02.sys [2017-10-17 3530176]
R3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 PimIndexMaintenanceSvc_95cd1;Contact Data_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 SEMgrSvc;Payments and NFC/SE Manager;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
R3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
R3 SmbDrvI;SmbDrvI;C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys [2017-12-4 51296]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
R3 TokenBroker;Web Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
R3 UnistoreSvc_95cd1;User Data Storage_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 UserDataSvc_95cd1;User Data Access_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2018-4-11 264192]
S2 AntiVirMailService;Avira Mail Protection;C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [2017-12-4 895056]
S2 AntiVirWebService;Avira Web Protection;C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [2017-12-4 1148568]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService -p [2018-4-11 51288]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2018-4-11 20480]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2018-4-11 1135520]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 AppleKmdfFilter;Apple KMDF Filter Driver;C:\WINDOWS\System32\drivers\AppleKmdfFilter.sys [2018-4-18 20640]
S3 AppleLowerFilter;Apple Lower Filter Driver;C:\WINDOWS\System32\drivers\AppleLowerFilter.sys [2018-4-18 35560]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2018-4-11 18432]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness -p [2018-4-11 51288]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2018-4-11 127384]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2018-4-11 162712]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2018-4-11 143768]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 AssignedAccessManagerSvc;AssignedAccessManager Service;C:\WINDOWS\System32\svchost.exe -k AssignedAccessManagerSvc [2018-4-11 51288]
S3 BcastDVRUserService_95cd1;GameDVR and Broadcast User Service_95cd1;C:\WINDOWS\System32\svchost.exe -k BcastDVRUserService [2018-4-11 51288]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2018-4-11 9728]
S3 bindflt;Windows Bind Filter Driver;C:\WINDOWS\System32\drivers\bindflt.sys [2018-4-11 92056]
S3 BluetoothUserService_95cd1;Bluetooth User Support Service_95cd1;C:\WINDOWS\System32\svchost.exe -k BthAppGroup [2018-4-11 51288]
S3 bttflt;Microsoft Hyper-V VHDPMEM BTT Filter;C:\WINDOWS\System32\drivers\bttflt.sys [2018-4-11 38304]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2018-4-11 39936]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2018-4-11 123392]
S3 CaptureService_95cd1;CaptureService_95cd1;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2018-4-11 321432]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2018-4-11 1836952]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx -p [2018-4-11 51288]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2018-8-14 90624]
S3 diagsvc;Diagnostic Execution Service;C:\WINDOWS\System32\svchost.exe -k diagnostics [2018-4-11 51288]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 ETDSMBus;ETDSMBus;C:\WINDOWS\System32\drivers\ETDSMBus.sys [2017-11-28 32848]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2018-4-11 51288]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2018-4-11 20992]
S3 GraphicsPerfSvc;GraphicsPerfSvc;C:\WINDOWS\System32\svchost.exe -k GraphicsPerfSvcGroup [2018-4-11 51288]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2018-4-11 50592]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver;C:\WINDOWS\System32\drivers\mshwnclx.sys [2018-4-11 27136]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2018-4-11 36864]
S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2018-4-11 91648]
S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2018-4-11 79360]
S3 iaLPSS2i_GPIO2_BXT_P;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys [2018-4-11 88576]
S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2018-4-11 171520]
S3 iaLPSS2i_I2C_BXT_P;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys [2018-4-11 174592]
S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2018-4-11 38128]
S3 iaStorAVC;Intel Chipset SATA RAID Controller;C:\WINDOWS\System32\drivers\iaStorAVC.sys [2018-4-11 885144]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2018-4-11 526232]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2018-4-11 38912]
S3 InstallService;Microsoft Store Install Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 IntcDAud;Intel(R) Display Audio;C:\WINDOWS\System32\drivers\IntcDAud.sys [2016-5-12 481768]
S3 IPT;IPT;C:\WINDOWS\System32\drivers\ipt.sys [2018-4-11 32256]
S3 IpxlatCfgSvc;IP Translation Configuration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 ItSas35i;ItSas35i;C:\WINDOWS\System32\drivers\ItSas35i.sys [2018-4-11 145816]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2018-4-11 124312]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2018-4-11 128408]
S3 LxpSvc;Language Experience Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2018-4-11 51288]
S3 mausbhost;MA-USB Host Controller Driver;C:\WINDOWS\System32\drivers\mausbhost.sys [2018-4-11 505240]
S3 mausbip;MA-USB IP Filter Driver;C:\WINDOWS\System32\drivers\mausbip.sys [2018-4-11 56736]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2018-4-11 75160]
S3 megasas35i;megasas35i;C:\WINDOWS\System32\drivers\megasas35i.sys [2018-4-11 82328]
S3 MessagingService_95cd1;MessagingService_95cd1;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2018-4-11 51288]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2018-4-11 842648]
S3 NaturalAuthentication;Natural Authentication;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2018-4-11 108952]
S3 Netaapl;Apple Mobile Device Ethernet Service;C:\WINDOWS\System32\drivers\netaapl64.sys [2017-11-28 32352]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2018-4-11 175104]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2018-4-11 197632]
S3 nvdimm;Microsoft NVDIMM device driver;C:\WINDOWS\System32\drivers\nvdimm.sys [2018-4-11 104448]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2018-4-11 58776]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2018-4-11 61848]
S3 phantomtap;Phantom TAP-Windows Adapter V9;C:\WINDOWS\System32\drivers\phantomtap.sys [2017-10-25 45056]
S3 PNPMEM;Microsoft Memory Module Driver;C:\WINDOWS\System32\drivers\pnpmem.sys [2018-4-11 16896]
S3 PrintWorkflowUserSvc_95cd1;PrintWorkflow_95cd1;C:\WINDOWS\System32\svchost.exe -k PrintWorkflow [2018-4-11 51288]
S3 PushToInstall;Windows PushToInstall Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 Ramdisk;Windows RAM Disk Driver;C:\WINDOWS\System32\drivers\ramdisk.sys [2018-4-11 39840]
S3 ReFS;ReFS;C:\WINDOWS\System32\drivers\refs.sys [2018-7-10 1921944]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2018-7-10 945568]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k rdxgroup [2018-4-11 51288]
S3 rhproxy;Resource Hub proxy driver;C:\WINDOWS\System32\drivers\rhproxy.sys [2018-4-11 104448]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2018-4-11 51288]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2018-8-14 128920]
S3 SDFRd;SDF Reflector;C:\WINDOWS\System32\drivers\SDFRd.sys [2018-4-11 33176]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2018-8-14 4737448]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2018-4-11 1273344]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2018-4-11 154528]
S3 SharedRealitySvc;Spatial Data Service;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2018-4-11 51288]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 SpatialGraphFilter;Holographic Spatial Graph Filter;C:\WINDOWS\System32\drivers\SpatialGraphFilter.sys [2018-4-11 57752]
S3 spectrum;Windows Perception Service;C:\WINDOWS\System32\Spectrum.exe [2018-6-12 976384]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2018-6-12 105368]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2018-7-10 48544]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2018-4-11 303616]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2018-4-11 128512]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2018-4-11 152576]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2018-4-11 57856]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2018-4-11 45056]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2018-6-12 29600]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2018-4-11 282008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2018-4-11 98200]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2018-4-11 144288]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2018-4-11 29088]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2018-4-11 67992]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2018-4-11 28064]
S3 VacSvc;Volumetric Audio Compositor Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2018-4-11 35328]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2018-8-14 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted -p [2018-4-11 51288]
S3 WaaSMedicSvc;Windows Update Medic Service;C:\WINDOWS\System32\svchost.exe -k wusvcs -p [2018-4-11 51288]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel -p [2018-4-11 51288]
S3 WarpJITSvc;WarpJITSvc;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2018-4-11 51288]
S3 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2018-4-11 82944]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2018-6-12 781824]
S3 WdmCompanionFilter;WdmCompanionFilter;C:\WINDOWS\System32\drivers\WdmCompanionFilter.sys [2018-4-11 21408]
S3 WdNisDrv;Windows Defender Antivirus Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2018-4-11 44032]
S3 WdNisSvc;Windows Defender Antivirus Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2018-4-11 4451616]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2018-4-11 51288]
S3 WFDSConMgrSvc;Wi-Fi Direct Services Connection Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2018-4-11 32152]
S3 WinNat;Windows NAT Driver;C:\WINDOWS\System32\drivers\winnat.sys [2018-8-14 227840]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2018-4-11 64920]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 wlpasvc;Local Profile Assistant Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted -p [2018-4-11 51288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S3 WpcMonSvc;Parental Controls;C:\WINDOWS\System32\svchost.exe -k LocalService [2018-4-11 51288]
S3 xbgm;Xbox Game Monitoring;C:\WINDOWS\System32\xbgmsvc.exe [2018-4-11 59512]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2018-7-10 295424]
S3 XboxGipSvc;Xbox Accessory Management Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2018-4-11 46592]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2018-5-19 826776]
S4 hvcrash;hvcrash;C:\WINDOWS\System32\drivers\hvcrash.sys [2018-4-11 33184]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs -p [2018-4-11 51288]
S4 ssh-agent;OpenSSH Authentication Agent;C:\WINDOWS\System32\OpenSSH\ssh-agent.exe [2018-4-12 495616]
S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService -p [2018-4-11 51288]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2018-4-11 40344]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2018-4-11 1189376]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2018-10-08 23:10:21 259360 ----a-w- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
2018-09-26 07:08:52 215328 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
2018-09-26 07:08:50 474432 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\LICLUA.EXE
2018-09-26 07:08:50 29976 ----a-w- C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\Office Setup Controller\pkeyconfig.companion.dll
2018-09-25 23:06:05 119760 ----a-w- C:\WINDOWS\System32\drivers\googledrivefs2534.sys
2018-09-16 23:27:10 -------- d-----w- C:\Users\willz\AppData\Local\mbam
2018-09-16 23:26:33 152688 ----a-w- C:\WINDOWS\System32\drivers\mbae64.sys
2018-09-16 23:26:26 -------- d-----w- C:\ProgramData\Malwarebytes
2018-09-16 23:26:26 -------- d-----w- C:\Program Files\Malwarebytes
2018-09-12 22:11:59 -------- d-----w- C:\Program Files (x86)\Microsoft OneDrive
.
==================== Find3M ====================
.
2018-10-10 03:06:44 180 ----a-w- C:\WINDOWS\System32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2018-10-02 20:13:10 835152 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2018-10-02 20:13:10 179792 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2018-09-21 09:23:39 257848 ----a-w- C:\WINDOWS\System32\AppVFileSystemMetadata.dll
2018-09-21 09:01:45 171520 ----a-w- C:\WINDOWS\System32\itss.dll
2018-09-21 08:12:50 150016 ----a-w- C:\WINDOWS\SysWow64\itss.dll
2018-09-21 04:14:11 661056 ----a-w- C:\WINDOWS\SysWow64\evr.dll
2018-09-21 04:13:06 480568 ----a-w- C:\WINDOWS\System32\dcntel.dll
2018-09-21 04:12:09 1035256 ----a-w- C:\WINDOWS\System32\ApplyTrustOffline.exe
2018-09-21 04:11:36 753056 ----a-w- C:\WINDOWS\System32\evr.dll
2018-09-21 04:09:49 1062920 ----a-w- C:\WINDOWS\System32\SecConfig.efi
2018-09-21 04:09:45 4790160 ----a-w- C:\WINDOWS\SysWow64\mfcore.dll
2018-09-21 04:09:23 1427968 ----a-w- C:\WINDOWS\SysWow64\AppxPackaging.dll
2018-09-21 04:09:18 129088 ----a-w- C:\WINDOWS\SysWow64\mfps.dll
2018-09-21 04:08:40 709936 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2018-09-21 04:08:37 170808 ----a-w- C:\WINDOWS\System32\drivers\ksecpkg.sys
2018-09-21 04:08:19 4404720 ----a-w- C:\WINDOWS\System32\mfcore.dll
2018-09-21 04:08:15 1566720 ----a-w- C:\WINDOWS\System32\AppxPackaging.dll
2018-09-21 04:08:11 1140672 ----a-w- C:\WINDOWS\System32\winresume.efi
2018-09-21 04:08:09 1257864 ----a-w- C:\WINDOWS\System32\winload.exe
2018-09-21 04:08:07 1456720 ----a-w- C:\WINDOWS\System32\winload.efi
2018-09-21 04:08:06 261008 ----a-w- C:\WINDOWS\System32\mfps.dll
2018-09-21 04:08:00 982600 ----a-w- C:\WINDOWS\System32\winresume.exe
2018-09-21 04:07:51 604664 ----a-w- C:\WINDOWS\System32\securekernel.exe
2018-09-21 03:58:23 5307392 ----a-w- C:\WINDOWS\SysWow64\d2d1.dll
2018-09-21 03:57:26 2900992 ----a-w- C:\WINDOWS\SysWow64\dwmcore.dll
2018-09-21 03:57:00 1361408 ----a-w- C:\WINDOWS\SysWow64\MSPhotography.dll
2018-09-21 03:56:11 331264 ----a-w- C:\WINDOWS\SysWow64\edgeIso.dll
2018-09-21 03:54:30 251904 ----a-w- C:\WINDOWS\SysWow64\msIso.dll
2018-09-21 03:53:32 1006080 ----a-w- C:\WINDOWS\SysWow64\wpnapps.dll
2018-09-21 03:43:38 1627136 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2018-09-21 03:42:00 209408 ----a-w- C:\WINDOWS\System32\AppXApplicabilityBlob.dll
2018-09-21 03:41:32 3396096 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll
2018-09-21 03:40:03 2368000 ----a-w- C:\WINDOWS\System32\WebRuntimeManager.dll
2018-09-21 03:39:56 625152 ----a-w- C:\WINDOWS\System32\PsmServiceExtHost.dll
2018-09-21 03:39:42 1708544 ----a-w- C:\WINDOWS\System32\MSPhotography.dll
2018-09-21 03:39:13 1535488 ----a-w- C:\WINDOWS\System32\lsasrv.dll
2018-09-21 03:39:12 3320320 ----a-w- C:\WINDOWS\System32\dwmcore.dll
2018-09-21 03:38:30 2172928 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2018-09-21 03:38:14 1551360 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.desktop.dll
2018-09-21 03:37:34 2236928 ----a-w- C:\WINDOWS\System32\win32kbase.sys
2018-09-21 03:37:09 1211904 ----a-w- C:\WINDOWS\System32\wpnapps.dll
2018-09-21 03:37:07 604160 ----a-w- C:\WINDOWS\System32\updatehandlers.dll
2018-09-21 03:36:59 401920 ----a-w- C:\WINDOWS\System32\rascustom.dll
2018-09-21 03:36:52 1034240 ----a-w- C:\WINDOWS\System32\modernexecserver.dll
2018-09-21 03:36:38 1159680 ----a-w- C:\WINDOWS\System32\rpcss.dll
2018-09-21 03:36:33 505344 ----a-w- C:\WINDOWS\System32\edgeIso.dll
2018-09-20 09:40:54 348160 ----a-w- C:\WINDOWS\System32\MusNotifyIcon.exe
2018-09-20 09:37:39 1634944 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2018-09-20 09:23:59 6602240 ----a-w- C:\WINDOWS\System32\twinui.dll
2018-09-20 09:19:32 1121792 ----a-w- C:\WINDOWS\System32\TSWorkspace.dll
2018-09-20 09:18:29 327168 ----a-w- C:\WINDOWS\System32\rdpinit.exe
2018-09-20 09:18:20 3649024 ----a-w- C:\WINDOWS\System32\win32kfull.sys
2018-09-20 09:17:56 1364992 ----a-w- C:\WINDOWS\System32\bcastdvruserservice.dll
2018-09-20 09:17:55 2874368 ----a-w- C:\WINDOWS\System32\themeui.dll
2018-09-20 09:17:54 1856000 ----a-w- C:\WINDOWS\System32\msxml3.dll
2018-09-20 09:17:19 463872 ----a-w- C:\WINDOWS\System32\rdpshell.exe
2018-09-20 09:16:55 127488 ----a-w- C:\WINDOWS\System32\wmpshell.dll
2018-09-20 08:46:11 1454440 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2018-09-20 08:35:00 5669888 ----a-w- C:\WINDOWS\SysWow64\twinui.dll
2018-09-20 08:29:51 2891776 ----a-w- C:\WINDOWS\SysWow64\win32kfull.sys
2018-09-20 08:29:45 1586176 ----a-w- C:\WINDOWS\SysWow64\msxml3.dll
2018-09-20 08:29:35 2824704 ----a-w- C:\WINDOWS\SysWow64\themeui.dll
2018-09-20 08:28:18 102400 ----a-w- C:\WINDOWS\SysWow64\wmpshell.dll
2018-09-20 06:43:22 1008640 ----a-w- C:\WINDOWS\System32\Windows.Media.MixedRealityCapture.dll
2018-09-20 05:52:58 868864 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.MixedRealityCapture.dll
2018-09-20 04:29:23 1989232 ----a-w- C:\WINDOWS\SysWow64\msxml6.dll
2018-09-20 04:29:04 6039368 ----a-w- C:\WINDOWS\SysWow64\windows.storage.dll
2018-09-20 04:29:04 1513032 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2018-09-20 04:29:02 357056 ----a-w- C:\WINDOWS\SysWow64\bcryptprimitives.dll
2018-09-20 04:29:01 6569856 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2018-09-20 04:28:57 1129544 ----a-w- C:\WINDOWS\SysWow64\msvproc.dll
2018-09-20 04:28:41 581792 ----a-w- C:\WINDOWS\SysWow64\MSVideoDSP.dll
2018-09-20 04:28:30 567256 ----a-w- C:\WINDOWS\SysWow64\CoreMessaging.dll
2018-09-20 04:21:37 22013440 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2018-09-20 04:17:07 6661632 ----a-w- C:\WINDOWS\SysWow64\Windows.Data.Pdf.dll
2018-09-20 04:13:48 3711488 ----a-w- C:\WINDOWS\SysWow64\jscript9.dll
2018-09-20 04:12:39 269128 ----a-w- C:\WINDOWS\System32\SgrmEnclave_secure.dll
2018-09-20 04:12:38 272200 ----a-w- C:\WINDOWS\System32\SgrmEnclave.dll
2018-09-20 04:11:43 74240 ----a-w- C:\WINDOWS\SysWow64\dtdump.exe
2018-09-20 04:11:37 5777920 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll
2018-09-20 04:11:24 608768 ----a-w- C:\WINDOWS\SysWow64\EdgeManager.dll
2018-09-20 04:11:19 561152 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2018-09-20 04:11:03 578560 ----a-w- C:\WINDOWS\SysWow64\webplatstorageserver.dll
2018-09-20 04:10:57 1029432 ----a-w- C:\WINDOWS\System32\hvax64.exe
2018-09-20 04:10:53 76088 ----a-w- C:\WINDOWS\System32\drivers\hvservice.sys
2018-09-20 04:10:48 1221128 ----a-w- C:\WINDOWS\System32\hvix64.exe
2018-09-20 04:10:44 566800 ----a-w- C:\WINDOWS\System32\tcblaunch.exe
2018-09-20 04:10:44 134968 ----a-w- C:\WINDOWS\System32\hvloader.dll
2018-09-20 04:10:31 500536 ----a-w- C:\WINDOWS\System32\drivers\mrxsmb.sys
2018-09-20 04:10:13 355840 ----a-w- C:\WINDOWS\SysWow64\PhotoMetadataHandler.dll
2018-09-20 04:10:03 2719032 ----a-w- C:\WINDOWS\System32\drivers\tcpip.sys
2018-09-20 04:08:52 4191232 ----a-w- C:\WINDOWS\SysWow64\wininet.dll
2018-09-20 03:53:35 25851392 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2018-09-20 03:44:27 4383744 ----a-w- C:\WINDOWS\System32\EdgeContent.dll
2018-09-20 03:44:04 8188928 ----a-w- C:\WINDOWS\System32\Windows.Data.Pdf.dll
2018-09-20 03:43:21 52736 ----a-w- C:\WINDOWS\System32\runexehelper.exe
2018-09-20 03:42:26 4866560 ----a-w- C:\WINDOWS\System32\jscript9.dll
2018-09-20 03:42:16 99328 ----a-w- C:\WINDOWS\System32\utcutil.dll
2018-09-20 03:42:16 433664 ----a-w- C:\WINDOWS\System32\MusNotification.exe
.
============= FINISH: 19:42:43.63 ===============

Attached Files

attach.txt (6.2 KB)