From private, 1 Year ago, written in Plain Text.
  1. DDS (Ver_2012-11-20.01) - NTFS_AMD64
  2. Internet Explorer: 11.0.14393.0  BrowserJavaVersion: 10.17.2
  3. Run by EJHamway at 23:07:04 on 2017-12-10
  4. Microsoft Windows 10 Home  10.0.14393.0.1252.1.1033.18.3563.1112 [GMT -5:00]
  5. .
  6. AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  7. SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
  8. SP: Norton Internet Security *Disabled/Outdated* {E8A636F3-74D8-B6D0-C0D1-5440974F4F66}
  9. .
  10. ============== Running Processes ===============
  11. .
  12. C:\WINDOWS\system32\svchost.exe -k DcomLaunch
  13. C:\WINDOWS\system32\svchost.exe -k RPCSS
  14. C:\WINDOWS\system32\svchost.exe -k netsvcs
  15. C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
  16. C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted
  17. C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
  18. C:\WINDOWS\system32\atiesrxx.exe
  19. C:\WINDOWS\system32\svchost.exe -k LocalService
  20. C:\WINDOWS\System32\svchost.exe -k NetworkService
  21. C:\Program Files\IDT\WDM\STacSV64.exe
  22. C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
  23. C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
  24. C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
  25. C:\WINDOWS\System32\spoolsv.exe
  26. C:\WINDOWS\system32\svchost.exe -k apphost
  27. C:\WINDOWS\System32\svchost.exe -k utcsvc
  28. C:\WINDOWS\system32\svchost.exe -k iissvcs
  29. C:\WINDOWS\system32\svchost.exe -k appmodel
  30. C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
  31. C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
  32. C:\WINDOWS\SysWoW64\ezSharedSvcHost.exe
  33. C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
  34. C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe
  35. C:\WINDOWS\system32\mqsvc.exe
  36. C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe
  37. C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
  38. C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
  39. C:\Program Files (x86)\LeapFrog\LeapFrog Connect\CommandService.exe
  40. C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
  41. C:\Program Files\Bonjour\mDNSResponder.exe
  42. C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
  43. C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
  44. C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
  45. C:\WINDOWS\system32\wbem\wmiprvse.exe
  46. C:\Program Files\iPod\bin\iPodService.exe
  47. C:\WINDOWS\system32\wbem\wmiprvse.exe
  48. C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
  49. C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
  50. C:\Program Files (x86)\Hewlett-Packard\HP Health Check\hphc_service.exe
  51. C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
  52. C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
  53. C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
  54. svchost.exe
  55. "c:\windows\system32\\svchost.exe"
  56. C:\WINDOWS\System32\dwm.exe
  57. C:\WINDOWS\system32\sihost.exe
  58. C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
  59. C:\WINDOWS\system32\taskhostw.exe
  60. C:\WINDOWS\Explorer.EXE
  61. C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe
  62. C:\Windows\System32\InstallAgent.exe
  63. C:\Windows\System32\InstallAgentUserBroker.exe
  64. C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
  65. C:\WINDOWS\System32\fontdrvhost.exe
  66. "c:\windows\system32\\svchost.exe"
  67. C:\Program Files (x86)\GoToAssist Remote Support Customer\1544\g2ax_service.exe
  68. C:\Program Files (x86)\GoToAssist Remote Support Customer\1544\g2ax_comm_customer.exe
  69. C:\Program Files (x86)\GoToAssist Remote Support Customer\1544\g2ax_system_customer.exe
  70. C:\Program Files (x86)\GoToAssist Remote Support Customer\1544\g2ax_user_customer.exe
  71. C:\Program Files (x86)\GoToAssist Remote Support Customer\1544\g2ax_host_service.exe
  72. C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe
  73. C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
  74. C:\Program Files\Windows Defender\MpCmdRun.exe
  75. C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
  76. C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE
  77. C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
  78. C:\Windows\System32\smartscreen.exe
  79. C:\Windows\System32\RuntimeBroker.exe
  80. C:\WINDOWS\system32\ApplicationFrameHost.exe
  81. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdge.exe
  82. C:\WINDOWS\system32\browser_broker.exe
  83. C:\WINDOWS\system32\BackgroundTransferHost.exe
  84. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
  85. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
  86. C:\WINDOWS\system32\AUDIODG.EXE
  87. C:\WINDOWS\winsxs\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.14393.0_none_36d3ccc3ddfd1ecb\TiWorker.exe
  88. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
  89. C:\WINDOWS\system32\SearchIndexer.exe
  90. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
  91. C:\WINDOWS\system32\wuauclt.exe
  92. C:\WINDOWS\SoftwareDistribution\Download\Install\Windows-KB890830-x64-V5.53.exe
  93. C:\WINDOWS\system32\MRT-KB890830.exe
  94. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
  95. C:\WINDOWS\system32\wbem\WmiApSrv.exe
  96. C:\WINDOWS\system32\taskhostw.exe
  97. C:\WINDOWS\system32\backgroundTaskHost.exe
  98. C:\WINDOWS\system32\compattelrunner.exe
  99. C:\WINDOWS\system32\SearchProtocolHost.exe
  100. C:\WINDOWS\system32\SearchFilterHost.exe
  101. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
  102. C:\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\microsoftedgecp.exe
  103. C:\WINDOWS\System32\cscript.exe
  104. .
  105. ============== Pseudo HJT Report ===============
  106. .
  107. uStart Page = hxxp://www.yahoo.com/
  108. uSearch Bar = Preserve
  109. uURLSearchHooks: {00000000-6E41-4FD3-8538-502F5495E5FC} - <orphaned>
  110. BHO: Adobe PDF Link Helper: {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll
  111. BHO: <No Name>: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - LocalServer32 - <no file>
  112. BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
  113. BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
  114. BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
  115. TB: <No Name>: {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - LocalServer32 - <no file>
  116. TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
  117. uRun: [iCloudServices] "C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe"
  118. uRun: [ApplePhotoStreams] C:\Program Files (x86)\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
  119. uRun: [OneDrive] "C:\Users\EJHamway\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
  120. uRunOnce: [Uninstall 17.3.7076.1026\amd64] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\EJHamway\AppData\Local\Microsoft\OneDrive\17.3.7076.1026\amd64"
  121. uRunOnce: [Uninstall 17.3.7076.1026] C:\WINDOWS\System32\cmd.exe /q /c rmdir /s /q "C:\Users\EJHamway\AppData\Local\Microsoft\OneDrive\17.3.7076.1026"
  122. mRun: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
  123. mRun: [HP Quick Launch] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
  124. mRun: [Adobe Reader Speed Launcher] "C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Reader_sl.exe"
  125. mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
  126. mRun: [Easybits Recovery] C:\Program Files (x86)\EasyBits For Kids\ezRecover.exe
  127. mRun: [HPOSD] C:\Program Files (x86)\Hewlett-Packard\HP On Screen Display\HPOSD.exe
  128. mRun: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
  129. mRun: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
  130. mRun: [Magic Desktop for HP notification] "C:\ProgramData\Easybits Magic Desktop for HP\mdhpSUN.exe"
  131. mRun: [AgentMonitor] C:\Program Files (x86)\VTech\DownloadManager\System\AgentMonitor.exe
  132. mRun: [Monitor] "C:\Program Files (x86)\LeapFrog\LeapFrog Connect\Monitor.exe"
  133. mPolicies-Explorer: EnableShellExecuteHooks = dword:1
  134. mPolicies-System: DSCAutomationHostEnabled = dword:2
  135. IE: {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - {5F7B1267-94A9-47F5-98DB-E99415F33AEC} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
  136. IE: {A95fe080-8f5d-11d2-a20b-00aa003c157a} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll/204
  137. TCP: NameServer = 192.168.1.254
  138. TCP: Interfaces\{9bb1fbcd-366f-4f87-9307-3ff038d36e75} : DHCPNameServer = 192.168.1.254
  139. Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
  140. Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
  141. Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
  142. SSODL: WebCheck - <orphaned>
  143. SEH: EasyBits ShellExecute Hook - {E54729E8-BB3D-4270-9D49-7389EA579090} - C:\Windows\SysWOW64\ezUPBHook.dll
  144. CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
  145. x64-BHO: <No Name>: {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - LocalServer32 - <no file>
  146. x64-BHO: Bing Bar Helper: {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll
  147. x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
  148. x64-TB: Bing Bar: {8dcb7100-df86-4384-8842-8fa844297b3f} -
  149. x64-Run: [SysTrayApp] C:\Program Files\IDT\WDM\sttray64.exe
  150. x64-Run: [iTunesHelper] "C:\Program Files\iTunes\iTunesHelper.exe"
  151. x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
  152. x64-Run: [WindowsDefender] "C:\Program Files (x86)\Windows Defender\MSASCuiL.exe"
  153. x64-mPolicies-Explorer: EnableShellExecuteHooks = dword:1
  154. x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
  155. x64-DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
  156. x64-DPF: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
  157. x64-DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
  158. x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
  159. x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
  160. x64-Handler: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - <orphaned>
  161. x64-Notify: GoToAssist Express Customer - C:\Program Files (x86)\GoToAssist Remote Support Customer\1544\g2ax_winlogonx64.dll
  162. x64-SSODL: WebCheck - <orphaned>
  163. x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
  164. x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
  165. x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
  166. .
  167. ============= SERVICES / DRIVERS ===============
  168. .
  169. R0 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
  170. R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-12-19 48992]
  171. R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
  172. R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
  173. R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
  174. R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-12-19 199008]
  175. R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-12-19 227328]
  176. R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
  177. R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
  178. R1 MpKsl1d045a06;MpKsl1d045a06;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{429F5918-01DA-4EB8-9388-D4E9CF1A664A}\MpKsl1d045a06.sys [2017-12-4 58120]
  179. R1 MpKsl7041d215;MpKsl7041d215;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{457A195B-A72C-4B64-84C5-E42455F71FFD}\MpKsl7041d215.sys [2017-11-13 58120]
  180. R1 MpKslf67bfc8b;MpKslf67bfc8b;C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D9CD8C3-B046-4F02-9C19-F829B7478C66}\MpKslf67bfc8b.sys [2017-12-10 58120]
  181. R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-10-21 255472]
  182. R2 AMD FUEL Service;AMD FUEL Service;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [2015-8-21 344064]
  183. R2 AODDriver4.3;AODDriver4.3;C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\aoddriver2.sys [2014-2-11 59616]
  184. R2 Apple Mobile Device Service;Apple Mobile Device Service;C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [2016-3-2 83768]
  185. R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
  186. R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
  187. R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
  188. R2 cvhsvc;Client Virtualization Handler;C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE [2015-3-18 822496]
  189. R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
  190. R2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  191. R2 ezSharedSvc;Easybits Services for Windows;C:\WINDOWS\System32\ezSharedSvcHost.exe --> C:\WINDOWS\System32\ezSharedSvcHost.exe [?]
  192. R2 HPClientSvc;HP Client Services;C:\Program Files\Hewlett-Packard\HP Client Services\HPClientServices.exe [2010-10-11 346168]
  193. R2 HPDrvMntSvc.exe;HP Quick Synchronization Service;C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2011-2-28 92216]
  194. R2 HPWMISVC;HPWMISVC;C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe [2010-11-9 26680]
  195. R2 IconMan_R;IconMan_R;C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe [2016-8-17 2451456]
  196. R2 RoxioNow Service;RoxioNow Service;C:\Program Files (x86)\Roxio\RoxioNow Player\RNowSvc.exe [2010-11-26 399344]
  197. R2 sftlist;Application Virtualization Client;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [2014-10-8 534184]
  198. R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
  199. R2 SynTPEnhService;SynTPEnh Caller Service;C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [2016-4-27 253960]
  200. R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
  201. R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  202. R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-12-19 119648]
  203. R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
  204. R3 amdiox64;AMD IO Driver;C:\WINDOWS\System32\drivers\amdiox64.sys [2011-7-2 46136]
  205. R3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
  206. R3 AtiHDAudioService;ATI Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdW76.sys [2010-11-17 115216]
  207. R3 BBUpdate;BBUpdate;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.EXE [2014-3-11 247968]
  208. R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
  209. R3 clwvd;CyberLink WebCam Virtual Driver;C:\WINDOWS\System32\drivers\clwvd.sys [2010-7-28 31088]
  210. R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  211. R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
  212. R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  213. R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
  214. R3 netr28x;Ralink 802.11n Extensible Wireless Driver;C:\WINDOWS\System32\drivers\netr28x.sys [2016-7-16 2504192]
  215. R3 RSPCIESTOR;Realtek PCIE CardReader Driver;C:\WINDOWS\System32\drivers\RtsPStor.sys [2016-8-17 339600]
  216. R3 rt640x64;Realtek RT640 NT Driver;C:\WINDOWS\System32\drivers\rt640x64.sys [2016-7-16 589824]
  217. R3 Sftfs;Sftfs;C:\WINDOWS\System32\drivers\Sftfslh.sys [2014-10-8 766632]
  218. R3 Sftplay;Sftplay;C:\WINDOWS\System32\drivers\Sftplaylh.sys [2014-10-8 273576]
  219. R3 Sftredir;Sftredir;C:\WINDOWS\System32\drivers\Sftredirlh.sys [2014-10-8 29352]
  220. R3 Sftvol;Sftvol;C:\WINDOWS\System32\drivers\Sftvollh.sys [2014-10-8 23208]
  221. R3 sftvsa;Application Virtualization Service Agent;C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [2014-10-8 211104]
  222. R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
  223. R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
  224. R3 usbfilter;AMD USB Filter Driver;C:\WINDOWS\System32\drivers\usbfilter.sys [2011-7-2 47232]
  225. R3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  226. R3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
  227. R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-7-16 347328]
  228. R4 IDSVia64;IDSVia64;C:\Program Files (x86)\Norton Internet Security\NortonData\22.5.2.15\Definitions\IPSDefs\20150710.001\IDSviA64.sys [2016-7-19 692984]
  229. RUnknown SymIRON;SymIRON; [x]
  230. RUnknown SymNetS;SymNetS; [x]
  231. S2 BBSvc;BingBar Service;C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.EXE [2014-3-11 193696]
  232. S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
  233. S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
  234. S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
  235. S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
  236. S3 amd_sata;amd_sata;C:\WINDOWS\System32\drivers\amd_sata.sys [2011-3-4 78976]
  237. S3 amd_xata;amd_xata;C:\WINDOWS\System32\drivers\amd_xata.sys [2011-3-4 38528]
  238. S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
  239. S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
  240. S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
  241. S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
  242. S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
  243. S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
  244. S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-12-19 118272]
  245. S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
  246. S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
  247. S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  248. S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  249. S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
  250. S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  251. S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  252. S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  253. S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  254. S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
  255. S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
  256. S3 GamesAppIntegrationService;GamesAppIntegrationService;C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2014-4-24 227904]
  257. S3 GamesAppService;GamesAppService;C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-4-24 203344]
  258. S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
  259. S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
  260. S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  261. S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
  262. S3 iai2c;Intel(R) Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
  263. S3 iaLPSS2i_GPIO2;Intel(R) Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
  264. S3 iaLPSS2i_I2C;Intel(R) Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
  265. S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
  266. S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
  267. S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
  268. S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
  269. S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
  270. S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
  271. S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
  272. S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
  273. S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-12-19 64352]
  274. S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
  275. S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
  276. S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
  277. S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  278. S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
  279. S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  280. S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
  281. S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
  282. S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
  283. S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
  284. S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  285. S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  286. S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2016-7-16 88416]
  287. S3 scmdisk0101;Microsoft NVDIMM-N disk driver;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
  288. S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2016-12-19 1312768]
  289. S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  290. S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
  291. S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
  292. S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  293. S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-12-19 81760]
  294. S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
  295. S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
  296. S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
  297. S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
  298. S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
  299. S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
  300. S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
  301. S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
  302. S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
  303. S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
  304. S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
  305. S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
  306. S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
  307. S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
  308. S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
  309. S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  310. S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
  311. S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2016-7-16 44496]
  312. S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
  313. S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-12-19 719360]
  314. S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
  315. S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
  316. S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-12-19 258560]
  317. S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-12-19 43520]
  318. S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
  319. S4 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
  320. .
  321. =============== Created Last 30 ================
  322. .
  323. 2017-12-11 03:47:15     126925120       -c--a-w-        C:\WINDOWS\System32\MRT-KB890830.exe
  324. 2017-12-11 01:28:24     --------        d-----w-        C:\Program Files (x86)\GoToAssist Remote Support Customer
  325. 2017-12-11 01:28:01     --------        d-----w-        C:\Users\EJHamway\AppData\Local\GoToAssist Remote Support Customer
  326. 2017-12-11 01:27:49     --------        d-----w-        C:\Users\EJHamway\AppData\Local\GoTo Opener
  327. 2017-12-11 01:06:24     58120   ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D9CD8C3-B046-4F02-9C19-F829B7478C66}\MpKslf67bfc8b.sys
  328. 2017-12-11 00:52:04     --------        d-----w-        C:\Program Files\rempl
  329. 2017-12-11 00:50:43     --------        d-----w-        C:\WINDOWS\System32\UNP
  330. 2017-12-11 00:50:43     --------        d-----w-        C:\Program Files\UNP
  331. 2017-12-11 00:41:32     1057976 ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{2A4B5043-D349-42E5-A2A0-FD3F8B189D6F}\gapaengine.dll
  332. 2017-12-11 00:37:53     13899592        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D9CD8C3-B046-4F02-9C19-F829B7478C66}\mpengine.dll
  333. 2017-12-11 00:21:03     20771840        ----a-w-        C:\WINDOWS\SysWow64\FlashPlayerInstaller.exe
  334. 2017-12-04 20:38:00     58120   ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{429F5918-01DA-4EB8-9388-D4E9CF1A664A}\MpKsl1d045a06.sys
  335. 2017-12-04 20:23:59     13771264        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
  336. 2017-12-04 20:23:59     13771264        ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{429F5918-01DA-4EB8-9388-D4E9CF1A664A}\mpengine.dll
  337. 2017-11-14 02:26:55     102608  ----a-w-        C:\WINDOWS\System32\drivers\SYMEVENT64x86.SY1
  338. 2017-11-14 01:53:59     58120   ------w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{457A195B-A72C-4B64-84C5-E42455F71FFD}\MpKsl7041d215.sys
  339. 2017-11-14 01:51:45     1057976 ----a-w-        C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{556E992D-B5E3-49D3-8FC8-1484EE3ECD7B}\gapaengine.dll
  340. .
  341. ==================== Find3M  ====================
  342. .
  343. 2017-12-04 20:21:26     545440  ------w-        C:\WINDOWS\System32\MpSigStub.exe
  344. .
  345. ============= FINISH: 23:10:07.80 ===============
  346.