SDHC vs. HDD

Dill

New Member
Hi. I’m looking to replace my main files and OS onto a 200GB SDHC card instead of my HDD on my computer. My disk speed is always at 100% and I think it’s slowing my computer down. Do you think that it would be slower? The SDHC I’m looking at has 80mb/sec read and slightly slower write. Thanks!
 

Agent Smith

Well-Known Member
Your disk speed is always at 100% or your disk is full to capacity? If your disk is constantly being used, then you have something else going on. If it's a capacity problem, then I would buy another hard drive instead. An SD card is going to be pretty damn slow, but manageable I suppose. Just not the most perfect solution.
 

_Pete_

Active Member
Agree with Agent Smith. Back up your personal files, wipe your existing hard drive and reinstall. I don't know how old your setup is, but every hard drive, without exception, will, progressively, slow down over time. Back up, wipe, reinstall.

Oh and transferring a big load of files to an SD card will take hours and hours if not days.
 

Dill

New Member
What I mean by 100% is that on my task manager it reports the disk is always running at 100%. It’s a 750GB HDD and I’m only using about 300GB currently. My system is about 3 years old.
 

_Pete_

Active Member
Think about the way these things work. Computers are pretty stupid; they just work stuff out in a stupid roundabout way extremely fast. Everything that a computer does is based on 1s and 0s or switches that say "I am on" a 1 or "I am off" a zero. When you delete stuff all you delete is the header that tells the computer what those files are for. The rest of the ones and zeros are left behind until something overwrites that part of the hard drive. Unfortunately the computer, being a stupid neanderthal beast, still looks at those useless ones and zeros. Over a period of time, and three years is a long time, those left behind ones and zeros build up. There are zillions and zillions and zillions of them and whilst computers can do everything extremely quickly it will still take a finite amount of time for the computer to check all those redundant ones and zeros resulting in a gradual slowing down of the computer. The first thing I do when I get a new computer is I wipe it. This not only cleans the hard drive of any redundant ones and zeros left by the manufacturer, it also gets rid of the crapolla that ALL manufacturers put on their machines. Unfortunately the crap that comes with Windows does have to stay to an extent even if you use something like CCleaner. Then I set my computers up with all the programs that I want to use and then I copy all my backed up files on to my computer but keeping the backup. The reason for that is a lot of my files load much quicker from the internal hard drive rather than from an external hard drive via the USB port, even a USB 3 port. After all that I then get to use my computer. BUT I will do all that again, possibly in six months' time.

Of course the other possibility is a RAM fault which could mean your computer is only using half, or less, of the available RAM. Or it could also be your hard drive is actually slowing down somewhat. They are, after all, mechanical devices and the platters rely on bearings to run up to speed which can and do break down.
 

johnb35

Administrator
Staff member
I would start scanning your system for malware. Please run the following.

1.

Please download AdwCleaner onto your Desktop.

•Please close all open programs and internet browsers.
•Double click on adwcleaner.exe to run the tool. Please click on yes to allow AdwCleaner to run on your system.
•Click on Scan.
•After the scan, the clean button will be replaced by the clean button which you will need to click on to delete the adware.
•Your computer will be rebooted automatically. A text file will open after the restart.
•Please post the content of that logfile in your reply.
•You can find the logfile at C:\AdwCleaner[Sn].txt as well - n is the order number.

2.

Please download Malwarebytes' Anti-Malware and save it to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • Launch Malwarebytes' Anti-Malware.
  • Click on the scan now button and let it start scanning your system.
  • When the scan is complete, please make sure all entries are checked and click on quarantine.
  • A log will be saved automatically which you can access by clicking on the reports tab on the left and then click on scan report. You can open that report and copy and paste the contents in your reply.

If for some reason Malwarebytes will not install or run please download and run Rkill.scr, Rkill.exe, or Rkill.com. If you are still having issues running rkill then try downloading these renamed versions of the same program.

EXPLORER.EXE
IEXPLORE.EXE
USERINIT.EXE
WINLOGON.EXE

But DO NOT reboot the system and then try installing or running Malwarebytes. If Rkill (which is a black box) appears and then disappears right away or you get a message saying Rkill is infected, keep trying to run Rkill until it overpowers the infection and temporarily kills it. Once a log appears on the screen, you can try running Malwarebytes or downloading other programs.



3.

Download OTL to your Desktop

•Double click on the icon to run it. Again click on yes to allow it to run. Make sure all other windows are closed and to let it run uninterrupted.
•Click on Minimal Output at the top
•Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan may take a few minutes.
◦When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL. Just post the OTL.txt file in your reply.

Then post the logs from the following 4 programs.

1. Adwcleaner
2. Malwarebytes
3. OTL
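
For reading the AdwCleaner logfile requested in step 1, here is an added example (not part of the original post and not Malwarebytes' own tooling) that parses the clean-mode log layout and labels each deleted item. The sample log is constructed, the function names are hypothetical, and treating keys under `DOMStorage`/`EdpDomStorage` as per-site browser storage is an assumption of this sketch.

```python
import re
from collections import Counter, OrderedDict

# Constructed sample in the AdwCleaner 7 clean-mode layout; all paths and
# names below are placeholders, not values from a real machine.
SAMPLE_LOG = r"""# AdwCleaner 7.0.4.0 - Logfile created on Mon Nov 27 20:26:07 2017
# Mode: clean
***** [ Services ] *****
No malicious services deleted.
***** [ Files ] *****
Deleted: C:\EXAMPLE

***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Example\Internet Explorer\DOMStorage\cdn.example.test
Deleted: [Key] - HKCU\Software\Example\Internet Explorer\EdpDomStorage\cdn.example.test
Deleted: [Key] - HKCU\Software\ExampleToolbar

*************************
::Tracing keys deleted
::Additional Actions: 0
"""

SECTION_RE = re.compile(r"^\*{5} \[ (.+?) \] \*{5}$")   # ***** [ Name ] *****
HEADER_RE = re.compile(r"^# ([A-Za-z ]+): (.+)$")        # "# Mode: clean"
REG_RE = re.compile(r"^\[(\w+)\] - (.+)$")               # "[Key] - HKCU\..."

# Assumption: keys directly under these parents hold per-site browser
# storage bookkeeping rather than autostart or service configuration.
STORAGE_PARENTS = {"domstorage", "edpdomstorage"}


def parse_adwcleaner_log(text):
    """Split a log into header fields, per-section deletions and '::' actions."""
    header, sections, actions = {}, OrderedDict(), []
    current = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = SECTION_RE.match(line)
        if match:
            current = match.group(1)
            sections[current] = []
            continue
        if set(line) == {"*"}:          # bare asterisk rule closes the sections
            current = None
            continue
        if line.startswith("::"):
            actions.append(line[2:])
            continue
        match = HEADER_RE.match(line)
        if match and current is None:
            header[match.group(1)] = match.group(2)
            continue
        if line.startswith("Deleted: ") and current is not None:
            sections[current].append(line[len("Deleted: "):])
        # "No malicious ..." lines and the footer carry no items and are skipped.
    return {"header": header, "sections": sections, "actions": actions}


def triage(parsed):
    """Label every deleted item: 'browser-storage' or 'review' (look closer)."""
    findings = []
    for section, items in parsed["sections"].items():
        for item in items:
            match = REG_RE.match(item)
            if not match:
                findings.append((section, "review", item))
                continue
            parts = match.group(2).split("\\")
            parent = parts[-2].lower() if len(parts) > 1 else ""
            label = "browser-storage" if parent in STORAGE_PARENTS else "review"
            findings.append((section, label, parts[-1]))
    return findings


def summarize(findings):
    """Count findings per label so a long log reduces to a short verdict."""
    return dict(Counter(label for _, label, _ in findings))


if __name__ == "__main__":
    parsed = parse_adwcleaner_log(SAMPLE_LOG)
    print("Mode:", parsed["header"].get("Mode"))
    for section, label, name in triage(parsed):
        print(f"{section:10} {label:16} {name}")
    print(summarize(triage(parsed)))
```

Items labelled `review` are the ones worth reading by hand; a log whose deletions are all `browser-storage` is unlikely to explain constant disk activity.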
 

beers

Moderator
Staff member
I'd completely avoid using an SDHC flash card as an OS drive as you don't have a controller like an SSD that will manage the write wearing of all of the blocks in flash.
 

Dill

New Member
It's a lot! I sorted them out by putting the program name in bulk. If you want a short story short, they didn't find anything on my computer except that AdwCleaner found PUP.Optional.Legacy on my computer. Thanks for all the help!

AdwCleaner

# AdwCleaner 7.0.4.0 - Logfile created on Mon Nov 27 20:26:07 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 10 Home (X64)
# Mode: clean
# Support: https://www.malwarebytes.com/support
***** [ Services ] *****
No malicious services deleted.
***** [ Folders ] *****
No malicious folders deleted.
***** [ Files ] *****
Deleted: C:\END

***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks deleted.
***** [ Registry ] *****
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d16fk4ms6rqz1v.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d1vyejqi0lnyjd.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\spigotmc.org
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\EdpDomStorage\www.spigotmc.org
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d16fk4ms6rqz1v.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d1vyejqi0lnyjd.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\d22j4fzzszoii2.cloudfront.net
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\spigotmc.org
Deleted: [Key] - HKCU\Software\Classes\Local Settings\Software\Microsoft\Windows\CurrentVersion\AppContainer\Storage\microsoft.microsoftedge_8wekyb3d8bbwe\Children\001\Internet Explorer\DOMStorage\www.spigotmc.org

***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries deleted.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries deleted.
*************************
::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0

*************************
C:/AdwCleaner/AdwCleaner[S0].txt - [3268 B] - [2017/11/27 20:24:24]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt ##########






Malwarebytes
www.malwarebytes.com
-Log Details-
Scan Date: 11/27/17
Scan Time: 3:47 PM
Log File: 37a7c580-d3b4-11e7-9faa-60029234a218.json
Administrator: Yes
-Software Information-
Version: 3.3.1.2183
Components Version: 1.0.236
Update Package Version: 1.0.3359
License: Trial
-System Information-
OS: Windows 10 (Build 16299.64)
CPU: x64
File System: NTFS
User: DYLANCLAPTOP\Dylan156
-Scan Summary-
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 451755
Threats Detected: 0
(No malicious items detected)
Threats Quarantined: 0
(No malicious items detected)
Time Elapsed: 16 min, 42 sec
-Scan Options-
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect
-Scan Details-
Process: 0
(No malicious items detected)
Module: 0
(No malicious items detected)
Registry Key: 0
(No malicious items detected)
Registry Value: 0
(No malicious items detected)
Registry Data: 0
(No malicious items detected)
Data Stream: 0
(No malicious items detected)
Folder: 0
(No malicious items detected)
File: 0
(No malicious items detected)
Physical Sector: 0
(No malicious items detected)

(end)

OTL
OTL logfile created on: 11/27/2017 4:09:28 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Dylan156\Desktop
64bit- An unknown product (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.11.16299.0)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

5.91 Gb Total Physical Memory | 3.13 Gb Available Physical Memory | 52.90% Memory free
6.85 Gb Paging File | 3.71 Gb Available in Paging File | 54.22% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 686.61 Gb Total Space | 380.10 Gb Free Space | 55.36% Space Free | Partition Type: NTFS

Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found
PRC - C:\Users\Dylan156\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Google\Update\1.3.33.7\GoogleCrashHandler.exe (Google Inc.)
PRC - C:\Users\Dylan156\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
PRC - C:\Windows\SysWOW64\fontdrvhost.exe (Microsoft Corporation)
PRC - C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe (Malwarebytes)
PRC - C:\Program Files (x86)\Google\Drive\googledrivesync.exe ()
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksdeui.exe (AO Kaspersky Lab)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avpui.exe (AO Kaspersky Lab)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\secd.exe (Apple, Inc.)
PRC - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
PRC - C:\Windows\SysWOW64\wbem\WmiPrvSE.exe (Microsoft Corporation)
PRC - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Systems Incorporated)
PRC - C:\Program Files (x86)\Intel Driver and Support Assistant\DSAService.exe (Intel)
PRC - C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe (Intel)
PRC - C:\Users\Dylan156\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 2.0\ksde.exe (AO Kaspersky Lab)
PRC - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\avp.exe (AO Kaspersky Lab)






========== Driver Services (SafeList) ==========

DRV:64bit: - (MBAMWebProtection) -- C:\Windows\SysNative\drivers\mwac.sys (Malwarebytes)
DRV:64bit: - (MBAMChameleon) -- C:\Windows\SysNative\drivers\MbamChameleon.sys (Malwarebytes)
DRV:64bit: - (MBAMFarflt) -- C:\Windows\SysNative\drivers\farflt.sys (Malwarebytes)
DRV:64bit: - (MBAMProtection) -- C:\Windows\SysNative\drivers\mbam.sys (Malwarebytes)
DRV:64bit: - (MBAMSwissArmy) -- C:\Windows\SysNative\drivers\mbamswissarmy.sys (Malwarebytes)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (UrsCx01000) -- C:\Windows\SysNative\drivers\urscx01000.sys (Microsoft Corporation)
DRV:64bit: - (UcmUcsi) -- C:\Windows\SysNative\drivers\UcmUcsi.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (ESProtectionDriver) -- C:\Windows\SysNative\drivers\mbae64.sys ()
DRV:64bit: - (klupd_klif_klark) -- C:\Windows\SysNative\drivers\klupd_klif_klark.sys (AO Kaspersky Lab)
DRV:64bit: - (klupd_klif_klbg) -- C:\Windows\SysNative\drivers\klupd_klif_klbg.sys (AO Kaspersky Lab)
DRV:64bit: - (klupd_klif_arkmon) -- C:\Windows\SysNative\drivers\klupd_klif_arkmon.sys (AO Kaspersky Lab)
DRV:64bit: - (klupd_klif_mark) -- C:\Windows\SysNative\drivers\klupd_klif_mark.sys (AO Kaspersky Lab)
DRV:64bit: - (klupd_klif_kimul) -- C:\Windows\SysNative\drivers\klupd_klif_kimul.sys (AO Kaspersky Lab)
DRV:64bit: - (KLIF) -- C:\Windows\SysNative\drivers\klif.sys (AO Kaspersky Lab)
DRV:64bit: - (klhk) -- C:\Windows\SysNative\drivers\klhk.sys (AO Kaspersky Lab)
DRV:64bit: - (klflt) -- C:\Windows\SysNative\drivers\klflt.sys (AO Kaspersky Lab)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (wcifs) -- C:\Windows\SysNative\drivers\wcifs.sys (Microsoft Corporation)
DRV:64bit: - (storufs) -- C:\Windows\SysNative\drivers\storufs.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (UcmCx0101) -- C:\Windows\SysNative\drivers\UcmCx.sys (Microsoft Corporation)
DRV:64bit: - (kneps) -- C:\Windows\SysNative\drivers\kneps.sys (AO Kaspersky Lab)
DRV:64bit: - (Klwtp) -- C:\Windows\SysNative\drivers\klwtp.sys (AO Kaspersky Lab)
DRV:64bit: - (klbackupflt) -- C:\Windows\SysNative\drivers\klbackupflt.sys (AO Kaspersky Lab)
DRV:64bit: - (klbackupdisk) -- C:\Windows\SysNative\drivers\klbackupdisk.sys (AO Kaspersky Lab)
DRV:64bit: - (klpd) -- C:\Windows\SysNative\drivers\klpd.sys (AO Kaspersky Lab)
DRV:64bit: - (NETwNb64) -- C:\Windows\SysNative\drivers\Netwbw02.sys (Intel Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (SpatialGraphFilter) -- C:\Windows\SysNative\drivers\SpatialGraphFilter.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (wdiwifi) -- C:\Windows\SysNative\drivers\WdiWiFi.sys (Microsoft Corporation)
DRV:64bit: - (irda) -- C:\Windows\SysNative\drivers\irda.sys (Microsoft Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (bam) -- C:\Windows\SysNative\drivers\bam.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (NdisVirtualBus) -- C:\Windows\SysNative\drivers\NdisVirtualBus.sys (Microsoft Corporation)
DRV:64bit: - (ahcache) -- C:\Windows\SysNative\drivers\ahcache.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (NetAdapterCx) -- C:\Windows\SysNative\drivers\NetAdapterCx.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (ReFS) -- C:\WINDOWS\SysNative\drivers\refs.sys (Microsoft Corporation)
DRV:64bit: - (Wof) -- C:\WINDOWS\SysNative\drivers\wof.sys (Microsoft Corporation)
DRV:64bit: - (wdnsfltr) -- C:\Windows\SysNative\drivers\wdnsfltr.sys (Microsoft Corporation)
DRV:64bit: - (applockerfltr) -- C:\Windows\SysNative\drivers\applockerfltr.sys (Microsoft Corporation)
DRV:64bit: - (ReFSv1) -- C:\WINDOWS\SysNative\drivers\refsv1.sys (Microsoft Corporation)
DRV:64bit: - (CldFlt) -- C:\Windows\SysNative\drivers\cldflt.sys (Microsoft Corporation)
DRV:64bit: - (Ufx01000) -- C:\Windows\SysNative\drivers\ufx01000.sys (Microsoft Corporation)
DRV:64bit: - (SerCx2) -- C:\Windows\SysNative\drivers\SerCx2.sys (Microsoft Corporation)
DRV:64bit: - (UcmTcpciCx0101) -- C:\Windows\SysNative\drivers\UcmTcpciCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (storqosflt) -- C:\Windows\SysNative\drivers\storqosflt.sys (Microsoft Corporation)
DRV:64bit: - (wcnfs) -- C:\Windows\SysNative\drivers\wcnfs.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRT) -- C:\Windows\SysNative\drivers\WindowsTrustedRT.sys (Microsoft Corporation)
DRV:64bit: - (IndirectKmd) -- C:\Windows\SysNative\drivers\IndirectKmd.sys (Microsoft Corporation)
DRV:64bit: - (cnghwassist) -- C:\Windows\SysNative\drivers\cnghwassist.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (HwNClx0101) -- C:\Windows\SysNative\drivers\mshwnclx.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (hvservice) -- C:\Windows\SysNative\drivers\hvservice.sys (Microsoft Corporation)
DRV:64bit: - (GpuEnergyDrv) -- C:\Windows\SysNative\drivers\gpuenergydrv.sys (Microsoft Corporation)
DRV:64bit: - (iorate) -- C:\Windows\SysNative\drivers\iorate.sys (Microsoft Corporation)
DRV:64bit: - (MMCSS) -- C:\Windows\SysNative\drivers\mmcss.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (WdNisDrv) -- C:\Windows\SysNative\drivers\WdNisDrv.sys (Microsoft Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (Ucx01000) -- C:\Windows\SysNative\drivers\Ucx01000.sys (Microsoft Corporation)
DRV:64bit: - (WinNat) -- C:\Windows\SysNative\drivers\winnat.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (tsusbflt) -- C:\Windows\SysNative\drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (FileCrypt) -- C:\Windows\SysNative\drivers\filecrypt.sys (Microsoft Corporation)
DRV:64bit: - (UdeCx) -- C:\Windows\SysNative\drivers\Udecx.sys (Microsoft Corporation)
DRV:64bit: - (Ramdisk) -- C:\Windows\SysNative\drivers\ramdisk.sys (Microsoft Corporation)
DRV:64bit: - (vhf) -- C:\Windows\SysNative\drivers\vhf.sys (Microsoft Corporation)
DRV:64bit: - (IPT) -- C:\Windows\SysNative\drivers\ipt.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (xboxgip) -- C:\Windows\SysNative\drivers\xboxgip.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (BthA2DP) -- C:\Windows\SysNative\drivers\BthA2DP.sys (Microsoft Corporation)
DRV:64bit: - (ufxsynopsys) -- C:\Windows\SysNative\drivers\ufxsynopsys.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (UfxChipidea) -- C:\Windows\SysNative\drivers\UfxChipidea.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (bthl2cap) -- C:\Windows\SysNative\drivers\bthl2cap.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (hidinterrupt) -- C:\Windows\SysNative\drivers\hidinterrupt.sys (Microsoft Corporation)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (xinputhid) -- C:\Windows\SysNative\drivers\xinputhid.sys (Microsoft Corporation)
DRV:64bit: - (BthHFAud) -- C:\Windows\SysNative\drivers\BthHfAud.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (buttonconverter) -- C:\Windows\SysNative\drivers\buttonconverter.sys (Microsoft Corporation)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (UrsChipidea) -- C:\Windows\SysNative\drivers\urschipidea.sys (Microsoft Corporation)
DRV:64bit: - (UrsSynopsys) -- C:\Windows\SysNative\drivers\urssynopsys.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (genericusbfn) -- C:\Windows\SysNative\drivers\genericusbfn.sys (Microsoft Corporation)
DRV:64bit: - (WindowsTrustedRTProxy) -- C:\Windows\SysNative\drivers\WindowsTrustedRTProxy.sys (Microsoft Corporation)
DRV:64bit: - (netvsc) -- C:\Windows\SysNative\drivers\netvsc.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (Synth3dVsc) -- C:\Windows\SysNative\drivers\Synth3dVsc.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (SDFRd) -- C:\Windows\SysNative\drivers\SDFRd.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (vmgid) -- C:\Windows\SysNative\drivers\vmgid.sys (Microsoft Corporation)
DRV:64bit: - (iaStorAV) -- C:\Windows\SysNative\drivers\iaStorAV.sys (Intel Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (mausbhost) -- C:\Windows\SysNative\drivers\mausbhost.sys (Microsoft Corporation)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (scmbus) -- C:\Windows\SysNative\drivers\scmbus.sys (Microsoft Corporation)
DRV:64bit: - (stornvme) -- C:\Windows\SysNative\drivers\stornvme.sys (Microsoft Corporation)
DRV:64bit: - (pmem) -- C:\Windows\SysNative\drivers\pmem.sys (Microsoft Corporation)
DRV:64bit: - (nvdimmn) -- C:\Windows\SysNative\drivers\nvdimmn.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (usbser) -- C:\Windows\SysNative\drivers\usbser.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (mausbip) -- C:\Windows\SysNative\drivers\mausbip.sys (Microsoft Corporation)
DRV:64bit: - (vnvdimm) -- C:\Windows\SysNative\drivers\vnvdimm.sys (Microsoft Corporation)
DRV:64bit: - (invdimm) -- C:\Windows\SysNative\drivers\invdimm.sys (Microsoft Corporation)
DRV:64bit: - (bttflt) -- C:\Windows\SysNative\drivers\bttflt.sys (Microsoft Corporation)
DRV:64bit: - (UEFI) -- C:\Windows\SysNative\drivers\uefi.sys (Microsoft Corporation)
DRV:64bit: - (volume) -- C:\Windows\SysNative\drivers\volume.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (cht4vbd) -- C:\Windows\SysNative\drivers\cht4vx64.sys (Chelsio Communications)
DRV:64bit: - (ADP80XX) -- C:\Windows\SysNative\drivers\adp80xx.sys (PMC-Sierra)
DRV:64bit: - (mlx4_bus) -- C:\Windows\SysNative\drivers\mlx4_bus.sys (Mellanox)
DRV:64bit: - (ibbus) -- C:\Windows\SysNative\drivers\ibbus.sys (Mellanox)
DRV:64bit: - (cht4iscsi) -- C:\Windows\SysNative\drivers\cht4sx64.sys (Chelsio Communications)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (LSI_SAS2i) -- C:\Windows\SysNative\drivers\lsi_sas2i.sys (LSI Corporation)
DRV:64bit: - (CapImg) -- C:\Windows\SysNative\drivers\capimg.sys (Microsoft Corporation)
DRV:64bit: - (ndfltr) -- C:\Windows\SysNative\drivers\ndfltr.sys (Mellanox)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\drivers\3ware.sys (LSI)
DRV:64bit: - (LSI_SAS3i) -- C:\Windows\SysNative\drivers\lsi_sas3i.sys (Avago Technologies)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (WinVerbs) -- C:\Windows\SysNative\drivers\winverbs.sys (Mellanox)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (megasas2i) -- C:\Windows\SysNative\drivers\MegaSas2i.sys (Avago Technologies)
DRV:64bit: - (percsas3i) -- C:\Windows\SysNative\drivers\percsas3i.sys (Avago Technologies)
DRV:64bit: - (percsas2i) -- C:\Windows\SysNative\drivers\percsas2i.sys (Avago Technologies)
DRV:64bit: - (WinMad) -- C:\Windows\SysNative\drivers\winmad.sys (Mellanox)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (AcpiDev) -- C:\Windows\SysNative\drivers\AcpiDev.sys (Microsoft Corporation)
DRV:64bit: - (bcmfn2) -- C:\Windows\SysNative\drivers\bcmfn2.sys (Windows (R) Win 7 DDK provider)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\drivers\evbda.sys (QLogic Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\drivers\bxvbda.sys (QLogic Corporation)
DRV:64bit: - (intelpep) -- C:\Windows\SysNative\drivers\intelpep.sys (Microsoft Corporation)
DRV:64bit: - (rhproxy) -- C:\Windows\SysNative\drivers\rhproxy.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_GPIO) -- C:\Windows\SysNative\drivers\iaLPSSi_GPIO.sys (Intel Corporation)
DRV:64bit: - (WSDScan) -- C:\Windows\SysNative\drivers\WSDScan.sys (Microsoft Corporation)
DRV:64bit: - (WSDPrintDevice) -- C:\Windows\SysNative\drivers\WSDPrint.sys (Microsoft Corporation)
DRV:64bit: - (PNPMEM) -- C:\Windows\SysNative\drivers\pnpmem.sys (Microsoft Corporation)
DRV:64bit: - (StillCam) -- C:\Windows\SysNative\drivers\serscan.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSS2i_I2C_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_I2C) -- C:\Windows\SysNative\drivers\iaLPSS2i_I2C.sys (Intel Corporation)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (iaLPSSi_I2C) -- C:\Windows\SysNative\drivers\iaLPSSi_I2C.sys (Intel Corporation)
DRV:64bit: - (iai2c) -- C:\Windows\SysNative\drivers\iai2c.sys (Intel(R) Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2_BXT_P) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2_BXT_P.sys (Intel Corporation)
DRV:64bit: - (iaLPSS2i_GPIO2) -- C:\Windows\SysNative\drivers\iaLPSS2i_GPIO2.sys (Intel Corporation)
DRV:64bit: - (CAD) -- C:\Windows\SysNative\drivers\CAD.sys (Microsoft Corporation)
DRV:64bit: - (CompositeBus) -- C:\Windows\SysNative\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys (Microsoft Corporation)
DRV:64bit: - (iagpio) -- C:\Windows\SysNative\drivers\iagpio.sys (Intel(R) Corporation)
DRV:64bit: - (ibtusb) -- C:\Windows\SysNative\drivers\ibtusb.sys (Intel Corporation)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (SmbDrvI) -- C:\Windows\SysNative\drivers\Smb_driver_Intel.sys (Synaptics Incorporated)
DRV:64bit: - (klpnpflt) -- C:\Windows\SysNative\drivers\klpnpflt.sys (AO Kaspersky Lab)
DRV:64bit: - (cm_km) -- C:\Windows\SysNative\drivers\cm_km.sys (AO Kaspersky Lab)
DRV:64bit: - (klkbdflt) -- C:\Windows\SysNative\drivers\klkbdflt.sys (AO Kaspersky Lab)
DRV:64bit: - (klwfp) -- C:\Windows\SysNative\drivers\klwfp.sys (AO Kaspersky Lab)
DRV:64bit: - (klmouflt) -- C:\Windows\SysNative\drivers\klmouflt.sys (AO Kaspersky Lab)
DRV:64bit: - (igfx) -- C:\Windows\SysNative\drivers\igdkmd64.sys (Intel Corporation)
DRV:64bit: - (semav6msr64) -- C:\Windows\SysNative\drivers\semav6msr64.sys ()
DRV:64bit: - (klelam) -- C:\Windows\SysNative\drivers\klelam.sys (AO Kaspersky Lab)
DRV:64bit: - (KLIM6) -- C:\Windows\SysNative\drivers\klim6.sys (AO Kaspersky Lab)
DRV:64bit: - (kl1) -- C:\Windows\SysNative\drivers\kl1.sys (AO Kaspersky Lab)
DRV:64bit: - (ssudmdm) -- C:\Windows\SysNative\drivers\ssudmdm.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (dg_ssudbus) -- C:\Windows\SysNative\drivers\ssudbus.sys (Samsung Electronics Co., Ltd.)
DRV:64bit: - (tosrfec) -- C:\Windows\SysNative\drivers\tosrfec.sys (TOSHIBA Corporation)
DRV:64bit: - (TVALZ) -- C:\Windows\SysNative\drivers\TVALZ_O.SYS (TOSHIBA Corporation)
DRV:64bit: - (kltap) -- C:\Windows\SysNative\drivers\kltap.sys (The OpenVPN Project)
DRV:64bit: - (kldisk) -- C:\Windows\SysNative\drivers\kldisk.sys (AO Kaspersky Lab)
DRV:64bit: - (IntcDAud) -- C:\Windows\SysNative\drivers\IntcDAud.sys (Intel(R) Corporation)
DRV:64bit: - (SmbDrv) -- C:\Windows\SysNative\drivers\Smb_driver_AMDASF.sys (Synaptics Incorporated)
DRV:64bit: - (Thotkey) -- C:\Windows\SysNative\drivers\Thotkey.sys (Toshiba Corporation)
DRV:64bit: - (AmPeStor) -- C:\Windows\SysNative\drivers\AmPeStor.sys (Alcor Micro, Corp.)
DRV:64bit: - (MEIx64) -- C:\Windows\SysNative\drivers\TeeDriverx64.sys (Intel Corporation)
DRV:64bit: - (RTL8168) -- C:\Windows\SysNative\drivers\Rt630x64.sys (Realtek )
DRV:64bit: - (iaStorA) -- C:\Windows\SysNative\drivers\iaStorA.sys (Intel Corporation)
DRV:64bit: - (ScpVBus) -- C:\Windows\SysNative\drivers\ScpVBus.sys (Scarlet.Crush Productions)
DRV:64bit: - (DSI_SiUSBXp_3_1) -- C:\Windows\SysNative\drivers\DSI_SiUSBXp_3_1.sys (Silicon Laboratories)
DRV - (CompositeBus) -- C:\WINDOWS\System32\DriverStore\FileRepository\compositebus.inf_amd64_9c1fb8f4db31c348\CompositeBus.sys (Microsoft Corporation)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page_TIMESTAMP = 16 A2 AF 7B DF CC D1 01 [binary data]
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,SyncHomePage Protected - It is a violation of Windows Policy to modify. See aka.ms/browserpolicy = 01 00 00 00 33 00 00 00 1B CA E5 09 1A 18 01 3A 57 8E C5 F1 13 80 E3 1B 2C F1 28 E9 B9 76 6A 94 22 2B AA 2F 66 61 D9 D1 AD 37 F0 41 55 6B 39 BC 3B 62 EC C3 F9 24 84 CE 46 5E 5A 02 00 00 00 0E 00 00 00 32 48 43 77 4B 58 56 46 63 39 67 25 33 64 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.countryCode: "US"
FF - prefs.js..browser.search.region: "US"
FF - prefs.js..browser.startup.homepage: "https://www.google.com/"
FF - prefs.js..extensions.enabledAddons: support%40lastpass.com:3.3.4
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:54.0.1
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.131.2: C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.131.2: C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll ()
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=11.144.2: C:\Program Files (x86)\Java\jre1.8.0_144\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=11.144.2: C:\Program Files (x86)\Java\jre1.8.0_144\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@lastpass.com/NPLastPass: C:\Program Files (x86)\LastPass\nplastpass64.dll (LastPass)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/Lync,version=15.0: C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.33.7\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@my.com/Games: C:\Users\Dylan156\AppData\Local\MyComGames\NPMyComDetector.dll (MY.COM B.V.)
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher: C:\Users\Dylan156\AppData\Local\Roblox\Versions\version-e6d872d544b64cd9\\NPRobloxProxy.dll ()
FF - HKCU\Software\MozillaPlugins\@nsroblox.roblox.com/launcher64: C:\Users\Dylan156\AppData\Local\Roblox\Versions\version-e6d872d544b64cd9\\NPRobloxProxy64.dll ()

64bit-FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\PROGRAM FILES (X86)\KASPERSKY LAB\KASPERSKY FREE 18.0.0\FFEXT\LIGHT_PLUGIN_FIREFOX\ADDON.XPI [2017/10/28 17:51:59 | 000,169,074 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files (x86)\Kaspersky Lab\Kaspersky Free 18.0.0\FFExt\light_plugin_firefox\addon.xpi [2017/10/28 17:51:59 | 000,169,074 | ---- | M] ()
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 54.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins

[2017/06/14 16:17:26 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\Extensions
[2017/06/14 16:44:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\Firefox\Profiles\x8q51wdg.default\browser-extension-data
[2017/06/14 16:44:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\Firefox\Profiles\x8q51wdg.default\browser-extension-data\87677a2c52b84ad3a151a4a72f5bd3c4@jetpack
[2017/07/23 16:43:05 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\Firefox\Profiles\x8q51wdg.default\extensions
[2017/06/14 16:23:54 | 000,000,000 | ---D | M] (LastPass) -- C:\Users\Dylan156\AppData\Roaming\mozilla\Firefox\Profiles\x8q51wdg.default\extensions\[email protected]
[2017/06/14 16:44:12 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\Firefox\Profiles\x8q51wdg.default\storage\default\moz-extension+++e7df98e0-04f0-4505-9324-d8943103bc37^addonId=87677a2c52b84ad3a151a4a72f5bd3c4%40jetpack
[2017/07/31 08:56:53 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\Firefox\Profiles\x8q51wdg.default\storage\default\moz-extension+++e7df98e0-04f0-4505-9324-d8943103bc37^addonId=87677a2c52b84ad3a151a4a72f5bd3c4%40jetpack\idb
[2017/07/23 16:43:05 | 004,266,946 | ---- | M] () (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\firefox\profiles\x8q51wdg.default\extensions\[email protected]
[2017/06/14 16:26:26 | 000,005,247 | ---- | M] () (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\firefox\profiles\x8q51wdg.default\extensions\[email protected]
[2017/07/04 09:57:42 | 000,009,974 | ---- | M] () (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\firefox\profiles\x8q51wdg.default\features\{dac783d8-6917-4125-aa2d-9d27d7a2be4e}\[email protected]
[2017/07/04 09:57:42 | 000,044,954 | ---- | M] () (No name found) -- C:\Users\Dylan156\AppData\Roaming\mozilla\firefox\profiles\x8q51wdg.default\features\{dac783d8-6917-4125-aa2d-9d27d7a2be4e}\[email protected]
[2017/07/04 09:56:54 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

========== Chrome ==========

CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek\0.10_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.10_1\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\14.1_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\apkldkehnmnkbcgkjbgchjghikcggpog\3.0.0.0_1\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.8_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj\15.1.0.6_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap\1.2_1\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmfibdjbnmndigbklnlllakjbjheiopj\1.0.1_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\gdmmodjlfegeieihcdcgcalkgmhgmiae\1.0.3_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi\1.4_1\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\gmbmikajjgmnabiglmofipeabaddhgne\2.1.1_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\hdokiejnpimakedhajhdlcegeplioahd\4.2.0.11_1\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\jepibmfmhopgkplegmkjgifmhabbjadg\8.4.0_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh\3.2_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\mchjnmdbdlkdbfliogedbnpnanfjnolk\5.1.93.0_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\njkkjobcechefaoknodniidfjapgfoco\2.2.7_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\1.0.0.3_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\8.1_0\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6117.717.0.4_1\
CHR - Extension: No name found = C:\Users\Dylan156\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm\6217.911.0.5_0\

O1 HOSTS File: ([2015/10/29 21:46:13 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2:64bit: - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O2:64bit: - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (no name) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - No CLSID value found.
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (LastPass Vault) - {95D9ECF5-2A4D-4550-BE49-70D42F71296E} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_144\bin\jp2ssv.dll (Oracle Corporation)
O3:64bit: - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O3 - HKLM\..\Toolbar: (LastPass Toolbar) - {9f6b5cc3-5c7b-4b5c-97af-19dec1e380e5} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O4:64bit: - HKLM..\Run: [SecurityHealth] C:\Program Files\Windows Defender\MSASCuiL.exe (Microsoft Corporation)
O4 - HKLM..\Run: [DSATray] C:\Program Files (x86)\Intel Driver and Support Assistant\DSATray.exe (Intel)
O4 - HKCU..\Run: [Discord] C:\Users\Dylan156\AppData\Local\Discord\app-0.0.297\Discord.exe (Hammer & Chisel, Inc.)
O4 - HKCU..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd. or its subsidiaries)
O4 - HKCU..\Run: [GoogleDriveSync] C:\Program Files (x86)\Google\Drive\googledrivesync.exe ()
O4 - HKCU..\Run: [iCloudDrive] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudDrive.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudPhotos] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudPhotos.exe (Apple Inc.)
O4 - HKCU..\Run: [iCloudServices] C:\Program Files (x86)\Common Files\Apple\Internet Services\iCloudServices.exe (Apple Inc.)
O4 - HKCU..\Run: [MyComGames] C:\Users\Dylan156\AppData\Local\MyComGames\MyComGames.exe (MY.COM B.V.)
O4 - HKCU..\Run: [OneDrive] C:\Users\Dylan156\AppData\Local\Microsoft\OneDrive\OneDrive.exe (Microsoft Corporation)
O4 - HKCU..\Run: [Spotify Web Helper] C:\Users\Dylan156\AppData\Roaming\Spotify\SpotifyWebHelper.exe (Spotify Ltd)
O4 - HKCU..\Run: [Steam] C:\Program Files (x86)\Steam\steam.exe (Valve Corporation)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DSCAutomationHostEnabled = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableFullTrustStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableUwpStartupTasks = 2
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportFullTrustStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: SupportUwpStartupTasks = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O8:64bit: - Extra context menu item: LastPass - file://C:\Users\Dylan156\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8:64bit: - Extra context menu item: LastPass Fill Forms - file://C:\Users\Dylan156\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O8 - Extra context menu item: LastPass - file://C:\Users\Dylan156\AppData\LocalLow\LastPass\context.html?cmd=lastpass File not found
O8 - Extra context menu item: LastPass Fill Forms - file://C:\Users\Dylan156\AppData\LocalLow\LastPass\context.html?cmd=fillforms File not found
O9:64bit: - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9:64bit: - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar_x64.dll (LastPass)
O9 - Extra Button: LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O9 - Extra 'Tools' menuitem : LastPass - {43699cd0-e34f-11de-8a39-0800200c9a66} - C:\Program Files (x86)\LastPass\LPToolbar.dll (LastPass)
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O15 - HKCU\..Trusted Domains: sharepoint.com ([randolphtownshipschools-files] https in Trusted sites)
O15 - HKCU\..Trusted Domains: sharepoint.com ([randolphtownshipschools-myfiles] https in Trusted sites)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{c272774c-3ff8-4d2f-9546-0a7899823574}: DhcpNameServer = 10.4.0.10 10.1.0.10 10.9.20.10
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{eab49cd1-a6ff-4456-8b5b-91fa33ce490c}: DhcpNameServer = 192.168.1.1
O18:64bit: - Protocol\Handler\mso-minsb.16 - No CLSID value found
O18:64bit: - Protocol\Handler\mso-minsb-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf.16 - No CLSID value found
O18:64bit: - Protocol\Handler\osf-roaming.16 - No CLSID value found
O18:64bit: - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18:64bit: - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysNative\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O18 - Protocol\Handler\windows.tbauth {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2015/05/03 15:30:48 | 000,000,000 | ---D | M] - C:\Autodesk -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2017/11/27 16:14:18 | 000,253,192 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klark.sys
[2017/11/27 16:14:01 | 000,107,680 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klbg.sys
[2017/11/27 16:14:00 | 000,230,312 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_arkmon.sys
[2017/11/27 16:08:16 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Dylan156\Desktop\OTL.exe
[2017/11/27 15:47:21 | 000,193,464 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2017/11/27 15:47:17 | 000,110,016 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017/11/27 15:47:17 | 000,094,144 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017/11/27 15:47:06 | 000,046,008 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017/11/27 15:47:00 | 000,253,880 | ---- | C] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2017/11/27 15:46:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
[2017/11/27 15:46:38 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2017/11/27 15:46:38 | 000,000,000 | ---D | C] -- C:\Program Files\Malwarebytes
[2017/11/27 15:41:03 | 078,346,672 | ---- | C] (Malwarebytes ) -- C:\Users\Dylan156\Desktop\mb3-setup-consumer-3.3.1.2183.exe
[2017/11/27 15:20:33 | 000,000,000 | ---D | C] -- C:\AdwCleaner
[2017/11/25 17:04:22 | 000,000,000 | -H-D | C] -- C:\OneDriveTemp
[2017/11/20 16:36:05 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\DESIGNER
[2017/11/13 15:36:35 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iCloud
[2017/11/13 15:34:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2017/11/13 15:34:31 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2017/11/13 15:31:52 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2017/11/06 14:23:40 | 000,076,472 | ---- | C] (Flash-Integro LLC) -- C:\WINDOWS\SysNative\mslvddsfilter4.ax
[2017/11/06 14:23:34 | 000,638,976 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\SysNative\divx.dll
[2017/11/06 14:23:34 | 000,438,272 | ---- | C] (On2.com) -- C:\WINDOWS\SysNative\vp6vfw.dll
[2017/11/06 14:23:34 | 000,261,632 | ---- | C] (MainConcept) -- C:\WINDOWS\SysNative\mcdvd_32.dll
[2017/11/06 14:23:34 | 000,221,215 | ---- | C] (DivXNetworks, Inc.) -- C:\WINDOWS\SysNative\divxdec.ax
[2017/11/06 14:23:34 | 000,082,944 | ---- | C] (Voxware, Inc.) -- C:\WINDOWS\SysNative\vct3216.acm
[2017/11/06 14:23:34 | 000,081,920 | ---- | C] (fccHandler) -- C:\WINDOWS\SysNative\AC3ACM.acm
[2017/11/06 14:23:34 | 000,038,912 | ---- | C] (NCT Company) -- C:\WINDOWS\SysNative\alf2cd.acm
[2017/11/06 14:23:34 | 000,013,239 | ---- | C] (SHARP Corporation) -- C:\WINDOWS\SysNative\Scg726.acm
[2017/11/06 14:23:34 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\FlashIntegro
[2017/11/06 14:23:33 | 000,000,000 | ---D | C] -- C:\Program Files\FlashIntegro
[2017/11/02 15:13:31 | 000,000,000 | ---D | C] -- C:\Users\Dylan156\AppData\Roaming\EasyAntiCheat
[2017/11/01 21:10:03 | 000,000,000 | -HSD | C] -- C:\Recovery
[2017/11/01 20:00:50 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft OneDrive
[2017/11/01 19:58:58 | 000,000,000 | -H-D | C] -- C:\Users\Dylan156\MicrosoftEdgeBackups
[2017/11/01 19:57:54 | 000,000,000 | ---D | C] -- C:\Users\Dylan156\AppData\Local\PackageStaging
[2017/11/01 18:06:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Templates
[2017/11/01 18:06:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Start Menu
[2017/11/01 18:06:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Documents
[2017/11/01 18:06:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Desktop
[2017/11/01 18:06:07 | 000,000,000 | -HSD | C] -- C:\ProgramData\Application Data
[2017/11/01 17:22:13 | 000,000,000 | ---D | C] -- C:\ProgramData\USOShared
[2017/11/01 17:18:13 | 000,000,000 | ---D | C] -- C:\Users\Dylan156\AppData\Local\Packages
[2017/11/01 17:17:17 | 000,000,000 | --SD | C] -- C:\Users\Dylan156\AppData\Roaming\Microsoft
[2017/11/01 17:17:17 | 000,000,000 | R--D | C] -- C:\Users\Dylan156\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows PowerShell
[2017/11/01 17:17:17 | 000,000,000 | R--D | C] -- C:\Users\Dylan156\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2017/11/01 17:17:17 | 000,000,000 | R--D | C] -- C:\Users\Dylan156\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2017/11/01 17:17:17 | 000,000,000 | R--D | C] -- C:\Users\Dylan156\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\AppData\Local\Temporary Internet Files
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Templates
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Start Menu
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\SendTo
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Recent
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\PrintHood
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\NetHood
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Documents\My Videos
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Documents\My Pictures
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Documents\My Music
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\My Documents
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Local Settings
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\AppData\Local\History
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Cookies
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\Application Data
[2017/11/01 17:17:17 | 000,000,000 | -HSD | C] -- C:\Users\Dylan156\AppData\Local\Application Data
[2017/11/01 17:17:17 | 000,000,000 | -H-D | C] -- C:\Users\Dylan156\AppData
[2017/11/01 17:17:17 | 000,000,000 | ---D | C] -- C:\Users\Dylan156\AppData\Local\Temp
[2017/11/01 17:17:17 | 000,000,000 | ---D | C] -- C:\Users\Dylan156\AppData\Local\Microsoft
[2017/11/01 17:17:17 | 000,000,000 | ---D | C] -- C:\Users\Dylan156\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2017/11/01 17:14:57 | 000,103,976 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysWow64\OpenCL.DLL
[2017/11/01 17:14:57 | 000,099,880 | ---- | C] (Khronos Group) -- C:\WINDOWS\SysNative\OpenCL.DLL
[2017/11/01 17:12:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\Prefetch
[2017/11/01 17:10:51 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\SleepStudy
[2017/11/01 16:38:34 | 001,055,448 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klif.sys
[2017/11/01 16:38:34 | 000,554,408 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\kl1.sys
[2017/11/01 16:38:34 | 000,247,008 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\cm_km.sys
[2017/11/01 16:38:34 | 000,207,576 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klflt.sys
[2017/11/01 16:38:34 | 000,199,360 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\kneps.sys
[2017/11/01 16:38:34 | 000,173,144 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_mark.sys
[2017/11/01 16:38:34 | 000,136,176 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klwtp.sys
[2017/11/01 16:38:34 | 000,093,920 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klwfp.sys
[2017/11/01 16:38:34 | 000,089,952 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klbackupflt.sys
[2017/11/01 16:38:34 | 000,087,584 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_kimul.sys
[2017/11/01 16:38:34 | 000,078,216 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\kldisk.sys
[2017/11/01 16:38:34 | 000,070,872 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klbackupdisk.sys
[2017/11/01 16:38:34 | 000,058,592 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klmouflt.sys
[2017/11/01 16:38:34 | 000,057,056 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klkbdflt.sys
[2017/11/01 16:38:34 | 000,050,672 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klpd.sys
[2017/11/01 16:38:34 | 000,044,768 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klpnpflt.sys
[2017/11/01 16:38:34 | 000,029,816 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klelam.sys
[2017/11/01 16:34:47 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\Microsoft
[2017/11/01 16:34:45 | 000,000,000 | ---D | C] -- C:\WINDOWS\ServiceProfiles
[2017/11/01 16:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\Reference Assemblies
[2017/11/01 16:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Reference Assemblies
[2017/11/01 16:23:16 | 000,000,000 | ---D | C] -- C:\Program Files\MSBuild
[2017/11/01 16:23:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\MSBuild
[2017/11/01 15:17:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\Panther
[2017/11/01 15:01:42 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel Driver and Support Assistant
[2017/11/01 15:01:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel Driver and Support Assistant
[2017/11/01 15:01:33 | 000,000,000 | -HSD | C] -- C:\Config.Msi
[2017/11/01 15:00:58 | 000,000,000 | ---D | C] -- C:\Program Files\Intel Driver and Support Assistant
[2017/10/30 18:31:35 | 000,000,000 | ---D | C] -- C:\Users\Dylan156\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Remote Desktop assistant
[2017/10/30 16:59:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP
[2017/10/30 14:13:38 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2017/10/28 17:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Secure Connection
[2017/10/28 17:52:48 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Free
[2017/10/28 17:52:19 | 000,110,176 | ---- | C] (Kaspersky Lab ZAO) -- C:\WINDOWS\SysNative\klfphc.dll
[2017/10/28 17:51:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Kaspersky Lab
[2017/10/28 17:51:24 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Kaspersky Lab
[2017/10/28 17:51:15 | 000,594,144 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klhk.sys
[2017/10/28 17:51:15 | 000,149,304 | ---- | C] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\klhkum.dll
[2017/02/16 15:43:48 | 022,803,992 | ---- | C] (LastPass) -- C:\Program Files (x86)\Common Files\lpuninstall.exe

========== Files - Modified Within 30 Days ==========

[2017/11/27 16:14:23 | 000,253,192 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klark.sys
[2017/11/27 16:14:01 | 000,107,680 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_klbg.sys
[2017/11/27 16:14:00 | 000,230,312 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_arkmon.sys
[2017/11/27 16:11:07 | 000,000,370 | ---- | M] () -- C:\WINDOWS\tasks\HPCeeScheduleForDylan156.job
[2017/11/27 16:08:17 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Dylan156\Desktop\OTL.exe
[2017/11/27 15:48:23 | 000,094,144 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mwac.sys
[2017/11/27 15:47:21 | 000,193,464 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\MbamChameleon.sys
[2017/11/27 15:47:17 | 000,110,016 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\farflt.sys
[2017/11/27 15:47:06 | 000,046,008 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbam.sys
[2017/11/27 15:47:00 | 000,253,880 | ---- | M] (Malwarebytes) -- C:\WINDOWS\SysNative\drivers\mbamswissarmy.sys
[2017/11/27 15:46:51 | 000,001,923 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/11/27 15:41:09 | 078,346,672 | ---- | M] (Malwarebytes ) -- C:\Users\Dylan156\Desktop\mb3-setup-consumer-3.3.1.2183.exe
[2017/11/27 15:29:41 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2017/11/27 15:28:55 | 000,000,180 | ---- | M] () -- C:\WINDOWS\SysNative\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
[2017/11/27 15:27:41 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2017/11/27 15:27:38 | 2539,679,744 | -HS- | M] () -- C:\hiberfil.sys
[2017/11/22 17:13:17 | 000,422,408 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017/11/13 15:48:05 | 000,000,258 | RHS- | M] () -- C:\ProgramData\ntuser.pol
[2017/11/13 15:34:44 | 000,001,827 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2017/11/08 15:58:25 | 000,788,008 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\EasyAntiCheat.sys
[2017/11/08 15:10:54 | 000,905,252 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017/11/08 15:10:54 | 000,764,430 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2017/11/08 15:10:54 | 000,144,852 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2017/11/01 19:57:11 | 000,002,371 | ---- | M] () -- C:\Users\Dylan156\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2017/11/01 18:04:55 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagwrn.xml
[2017/11/01 18:04:55 | 000,007,623 | ---- | M] () -- C:\WINDOWS\diagerr.xml
[2017/11/01 17:55:11 | 000,022,840 | ---- | M] () -- C:\WINDOWS\SysNative\emptyregdb.dat
[2017/11/01 17:15:03 | 000,000,200 | ---- | M] () -- C:\WINDOWS\SysNative\{EC94D02F-D200-4428-9531-05AF7F9799CB}.bat
[2017/11/01 15:17:34 | 000,000,036 | ---- | M] () -- C:\WINDOWS\progress.ini
[2017/11/01 08:54:56 | 000,077,432 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2017/10/28 17:53:34 | 000,173,144 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_mark.sys
[2017/10/28 17:53:34 | 000,087,584 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klupd_klif_kimul.sys
[2017/10/28 17:51:15 | 001,055,448 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klif.sys
[2017/10/28 17:51:15 | 000,594,144 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klhk.sys
[2017/10/28 17:51:15 | 000,207,576 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\drivers\klflt.sys
[2017/10/28 17:51:15 | 000,149,304 | ---- | M] (AO Kaspersky Lab) -- C:\WINDOWS\SysNative\klhkum.dll

========== Files Created - No Company Name ==========

[2017/11/27 15:46:51 | 000,001,923 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes.lnk
[2017/11/27 15:46:46 | 000,077,432 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\mbae64.sys
[2017/11/14 15:23:56 | 003,313,968 | ---- | C] () -- C:\WINDOWS\SysNative\Windows.Mirage.dll
[2017/11/14 15:23:44 | 002,474,584 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.Mirage.dll
[2017/11/14 15:23:42 | 000,975,872 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessor.dll
[2017/11/14 15:23:24 | 000,269,696 | ---- | C] () -- C:\WINDOWS\SysNative\FaceProcessorCore.dll
[2017/11/14 15:23:19 | 000,097,792 | ---- | C] () -- C:\WINDOWS\SysNative\runexehelper.exe
[2017/11/13 15:34:44 | 000,001,827 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2017/11/06 14:23:34 | 000,524,288 | ---- | C] () -- C:\WINDOWS\SysNative\xvidcore.dll
[2017/11/06 14:23:34 | 000,245,760 | ---- | C] () -- C:\WINDOWS\SysNative\lame.ax
[2017/11/06 14:23:34 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysNative\Lagarith.dll
[2017/11/06 14:23:34 | 000,139,264 | ---- | C] () -- C:\WINDOWS\SysNative\xvidvfw.dll
[2017/11/06 14:23:34 | 000,053,248 | ---- | C] () -- C:\WINDOWS\SysNative\xvid.ax
[2017/11/01 17:56:50 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagwrn.xml
[2017/11/01 17:56:50 | 000,007,623 | ---- | C] () -- C:\WINDOWS\diagerr.xml
[2017/11/01 17:35:29 | 000,905,252 | ---- | C] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2017/11/01 17:22:36 | 000,001,576 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[2017/11/01 17:17:17 | 000,000,352 | ---- | C] () -- C:\Users\Dylan156\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2017/11/01 17:17:17 | 000,000,334 | ---- | C] () -- C:\Users\Dylan156\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2017/11/01 17:12:45 | 000,067,584 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2017/11/01 17:10:42 | 000,422,408 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2017/11/01 16:19:12 | 000,105,420 | ---- | C] () -- C:\WINDOWS\SysWow64\license.rtf
[2017/11/01 16:19:12 | 000,105,420 | ---- | C] () -- C:\WINDOWS\SysNative\license.rtf
[2017/11/01 15:05:13 | 000,000,742 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows 10 Update Assistant.lnk
[2017/10/08 12:16:45 | 000,000,203 | ---- | C] () -- C:\Users\Dylan156\.gitconfig
[2017/09/29 08:46:50 | 000,000,741 | ---- | C] () -- C:\WINDOWS\SysWow64\NOISE.DAT
[2017/09/29 08:46:49 | 000,215,943 | ---- | C] () -- C:\WINDOWS\SysWow64\dssec.dat
[2017/09/29 08:42:27 | 000,017,143 | ---- | C] () -- C:\WINDOWS\SysWow64\srms-apr.dat
[2017/09/29 08:42:18 | 000,518,144 | ---- | C] () -- C:\WINDOWS\SysWow64\msjetoledb40.dll
[2017/09/29 08:42:14 | 000,054,272 | ---- | C] () -- C:\WINDOWS\SysWow64\BWContextHandler.dll
[2017/09/29 08:42:13 | 000,002,307 | ---- | C] () -- C:\WINDOWS\SysWow64\WimBootCompress.ini
[2017/09/29 08:42:11 | 000,149,840 | ---- | C] () -- C:\WINDOWS\SysWow64\InputHost.dll
[2017/09/29 08:42:09 | 003,383,296 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.UI.Input.Inking.Analysis.dll
[2017/09/29 08:42:09 | 000,309,248 | ---- | C] () -- C:\WINDOWS\SysWow64\ssdm.dll
[2017/09/29 08:42:09 | 000,193,024 | ---- | C] () -- C:\WINDOWS\SysWow64\HeatCore.dll
[2017/09/29 08:42:09 | 000,092,160 | ---- | C] () -- C:\WINDOWS\SysWow64\WindowsDefaultHeatProcessor.dll
[2017/09/29 08:42:09 | 000,055,808 | ---- | C] () -- C:\WINDOWS\SysWow64\xboxgipsynthetic.dll
[2017/09/29 08:42:09 | 000,025,088 | ---- | C] () -- C:\WINDOWS\SysWow64\Windows.WARP.JITService.exe
[2017/09/29 08:42:08 | 000,167,640 | ---- | C] () -- C:\WINDOWS\SysWow64\chs_singlechar_pinyin.dat
[2017/09/29 08:42:00 | 000,043,131 | ---- | C] () -- C:\WINDOWS\mib.bin
[2017/09/29 08:41:54 | 000,673,088 | ---- | C] () -- C:\WINDOWS\SysWow64\mlang.dat
[2017/09/20 16:24:35 | 000,524,288 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidcore.dll
[2017/09/20 16:24:35 | 000,216,064 | ---- | C] ( ) -- C:\WINDOWS\SysWow64\Lagarith.dll
[2017/09/20 16:24:35 | 000,139,264 | ---- | C] () -- C:\WINDOWS\SysWow64\xvidvfw.dll
[2017/07/23 17:21:27 | 001,101,726 | ---- | C] () -- C:\WINDOWS\SysWow64\PerfStringBackup.INI
[2017/06/12 16:25:02 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2017/04/19 16:43:20 | 000,000,000 | ---- | C] () -- C:\ProgramData\DP45977C.lfl
[2017/04/19 15:32:56 | 000,000,036 | ---- | C] () -- C:\WINDOWS\progress.ini
[2017/02/19 07:46:49 | 000,007,605 | ---- | C] () -- C:\Users\Dylan156\AppData\Local\Resmon.ResmonCfg
[2015/05/03 19:11:55 | 000,009,136 | ---- | C] () -- C:\Users\Dylan156\Car! Side View.layout
[2015/05/03 19:11:55 | 000,009,113 | ---- | C] () -- C:\Users\Dylan156\Backup of Car! Side View.layout
[2015/03/28 18:44:01 | 000,000,545 | ---- | C] () -- C:\Users\Dylan156\Dill_Pickle613.png
[2014/12/23 19:10:23 | 000,000,075 | ---- | C] () -- C:\Users\Dylan156\.atl.properties

========== ZeroAccess Check ==========


[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\windows.storage.dll -- [2017/09/29 08:41:31 | 007,675,408 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\windows.storage.dll -- [2017/09/29 08:42:11 | 006,092,152 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2017/09/29 08:42:05 | 000,964,096 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2017/09/29 08:42:18 | 000,769,536 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2017/09/29 08:42:04 | 000,506,880 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2016/06/25 07:04:21 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\.atlauncher
[2017/10/30 18:22:00 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\.minecraft
[2016/09/29 18:59:33 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\.technic
[2017/06/21 16:20:32 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\3909
[2017/06/01 17:40:04 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Atom
[2016/11/18 07:22:44 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Battle.net
[2017/03/30 17:53:23 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Brackets
[2016/08/18 07:33:03 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Curse
[2017/06/20 15:10:42 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Curse Client
[2017/10/08 12:06:18 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\discord
[2017/11/02 15:13:32 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\EasyAntiCheat
[2017/11/01 14:59:07 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\EQATEC Analytics
[2017/09/20 16:28:46 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\FlashIntegro
[2017/02/17 17:56:56 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\ftblauncher
[2017/03/11 11:50:07 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Garmin
[2017/10/08 12:41:12 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\GitHub
[2017/06/14 16:46:55 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Grammarly
[2017/09/02 20:28:03 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\itch
[2016/06/22 17:42:17 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\java
[2017/07/19 13:58:57 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\LiquidSky
[2016/06/24 17:09:50 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\LolClient
[2016/09/15 15:59:00 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\MakeMusic
[2017/06/12 16:19:42 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Nefarius Software Solutions
[2016/06/24 16:06:18 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Riot Games
[2017/10/13 20:53:27 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Shooter
[2016/06/29 16:06:52 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Spore
[2017/07/19 12:49:05 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Spotify
[2017/06/20 14:14:04 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\Twitch
[2016/11/13 12:03:27 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\wargaming.net
[2017/01/11 20:48:13 | 000,000,000 | ---D | M] -- C:\Users\Dylan156\AppData\Roaming\WinBatch

========== Purity Check ==========



========== Alternate Data Streams ==========

@Alternate Data Stream - 220 bytes -> C:\Users\Dylan156\OneDrive:ms-properties
@Alternate Data Stream - 212 bytes -> C:\Users\Dylan156\OneDrive:${3D0CE612-FDEE-43f7-8ACA-957BEC0CCBA0}.SyncRootIdentity
< End of report >
 

johnb35

Administrator
Staff member
Looks like you have some cloud programs running at bootup, so basically you are syncing your drives to the cloud and that's why it's always at 100 percent. Apple iCloud and you have OneDrive and Google Drive running at bootup. If you really don't need these, disable them. You can also click on the column for drive usage and it will show you what's using it the most. Also check your memory usage; if you are using a lot of memory then your PC will start using the HDD as memory and will cause it to do that as well.
 

Dill

New Member
Hi! Thanks a lot for your advice and I have taken those steps. My computer has sped up a little but I did recently purchase a 250GB external SSD to put some used files on. Thanks for everything!
 

Darren

Moderator
Staff member
External SSD? The speed of an SSD is largely useless unless you install your OS and/or programs on it. Just for data storage is kind of a waste.
 