Process CPU Private Bytes Working Set PID Description Company Name User Name Path Command Line Version Autostart Location Comment Image Type Window Status Verified Signer Integrity Session UI Access VirusTotal ASLR Priority CPU Time Start Time Process Timeline CPU History
System Idle Process 0 K 24 K 0 NT AUTHORITY\SYSTEM 64-bit n/a 0 0:01:55.409 n/a
System 2.86 0 K 78,504 K 4 64-bit 0 n/a 8 0:04:32.128 10:06:57 PM 12/03/2017
Interrupts < 0.01 0 K 0 K n/a Hardware Interrupts and DPCs 64-bit 0 n/a 0 0:02:43.130 10:06:57 PM 12/03/2017
smss.exe 472 K 1,028 K 448 Windows Session Manager Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\smss.exe \SystemRoot\System32\smss.exe 6.0.6002.19598 64-bit System 0 ASLR 11 0:00:06.255 10:06:57 PM 12/03/2017
csrss.exe < 0.01 2,536 K 6,784 K 816 Client Server Runtime Process Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\csrss.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 6.0.6001.18000 64-bit System 0 ASLR 13 0:00:34.959 10:07:13 PM 12/03/2017
wininit.exe 1,752 K 5,308 K 872 Windows Start-Up Application Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\wininit.exe wininit.exe 6.0.6001.18000 64-bit System 0 ASLR 13 0:00:13.868 10:07:21 PM 12/03/2017
services.exe < 0.01 3,388 K 8,696 K 952 Services and Controller app Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\services.exe C:\Windows\system32\services.exe 6.0.6002.19369 64-bit System 0 ASLR 9 0:04:50.941 10:07:24 PM 12/03/2017
svchost.exe < 0.01 3,764 K 8,196 K 492 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k DcomLaunch 6.0.6001.18000 64-bit System 0 ASLR 8 0:09:21.010 10:07:33 PM 12/03/2017
unsecapp.exe 2,912 K 6,204 K 1996 Sink to receive asynchronous callbacks for WMI client application Microsoft Corporation NBOURGEA\smbourgea C:\Windows\System32\wbem\unsecapp.exe C:\Windows\System32\wbem\unsecapp.exe -Embedding 6.0.6001.18000 64-bit Medium 1 ASLR 8 0:00:02.355 10:17:21 PM 12/03/2017
WmiPrvSE.exe 3,984 K 9,292 K 2516 WMI Provider Host Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\wbem\WmiPrvSE.exe C:\Windows\System32\wbem\WmiPrvSE.exe 6.0.6002.18005 64-bit System 0 ASLR 8 0:00:10.280 10:17:48 PM 12/03/2017
svchost.exe 4,904 K 8,820 K 556 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\NETWORK SERVICE C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k rpcss 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:16.879 10:07:43 PM 12/03/2017
svchost.exe 0.71 9,524 K 16,392 K 612 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k secsvcs 6.0.6001.18000 64-bit System 0 ASLR 8 0:01:12.634 10:07:54 PM 12/03/2017
svchost.exe < 0.01 15,408 K 15,472 K 688 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\LOCAL SERVICE C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted 6.0.6001.18000 64-bit System 0 ASLR 8 0:01:20.699 10:08:17 PM 12/03/2017
audiodg.exe 12,872 K 15,792 K 292 NT AUTHORITY\LOCAL SERVICE [Access is denied.] 64-bit System 0 n/a 8 0:01:05.863 10:09:05 PM 12/03/2017
svchost.exe 27.86 177,936 K 184,148 K 792 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted 6.0.6001.18000 64-bit System 0 ASLR 8 0:15:02.840 10:08:28 PM 12/03/2017
dwm.exe 2,004 K 6,272 K 1940 Desktop Window Manager Microsoft Corporation NBOURGEA\smbourgea C:\Windows\System32\dwm.exe "C:\Windows\system32\Dwm.exe" 6.0.6002.18005 64-bit Medium 1 ASLR 8 0:00:11.341 10:10:39 PM 12/03/2017
svchost.exe < 0.01 27,244 K 38,668 K 804 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k netsvcs 6.0.6001.18000 64-bit System 0 ASLR 8 0:08:34.460 10:08:30 PM 12/03/2017
taskeng.exe < 0.01 4,300 K 8,904 K 1260 Task Scheduler Engine Microsoft Corporation NBOURGEA\smbourgea C:\Windows\System32\taskeng.exe taskeng.exe {5D87F016-21CA-4D20-AC6D-4ADEB27FAEE4} 6.0.6002.18342 64-bit Medium 1 ASLR 8 0:00:05.413 10:10:58 PM 12/03/2017
taskeng.exe < 0.01 1,744 K 4,616 K 3568 Task Scheduler Engine Microsoft Corporation NT AUTHORITY\LOCAL SERVICE C:\Windows\System32\taskeng.exe taskeng.exe {04471005-EEB1-429B-9305-4CB5828C2609} S-1-5-19:NT AUTHORITY\LocalService:Service: 6.0.6002.18342 64-bit System 0 ASLR 6 0:00:01.638 11:25:22 PM 12/03/2017
svchost.exe 2,520 K 6,232 K 304 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k GPSvcGroup 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:05.990 10:09:10 PM 12/03/2017
SLsvc.exe 9,876 K 14,052 K 1040 Microsoft Software Licensing Service Microsoft Corporation NT AUTHORITY\NETWORK SERVICE C:\Windows\System32\SLsvc.exe C:\Windows\system32\SLsvc.exe 6.0.6002.18005 64-bit System 0 ASLR 8 0:00:11.700 10:09:13 PM 12/03/2017
svchost.exe < 0.01 11,096 K 18,208 K 1156 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\LOCAL SERVICE C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k LocalService 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:51.137 10:09:23 PM 12/03/2017
svchost.exe 18,808 K 20,504 K 1412 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\NETWORK SERVICE C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k NetworkService 6.0.6001.18000 64-bit System 0 ASLR 8 0:04:32.705 10:09:41 PM 12/03/2017
spoolsv.exe < 0.01 8,352 K 14,532 K 1736 Spooler SubSystem App Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\spoolsv.exe C:\Windows\System32\spoolsv.exe 6.0.6002.18294 64-bit System 0 ASLR 8 0:00:55.442 10:10:19 PM 12/03/2017
svchost.exe 19,876 K 25,268 K 1784 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\LOCAL SERVICE C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:45.224 10:10:24 PM 12/03/2017
ehrecvr.exe < 0.01 6,516 K 13,784 K 1052 Windows Media Center Receiver Service Microsoft Corporation NT AUTHORITY\NETWORK SERVICE C:\Windows\ehome\ehrecvr.exe C:\Windows\ehome\ehRecvr.exe 6.0.6001.18000 HKLM\System\CurrentControlSet\Services\ehRecvr 64-bit System 0 ASLR 10 0:00:17.799 10:12:36 PM 12/03/2017
ehsched.exe 1,512 K 4,848 K 1812 Windows Media Center Scheduler Service Microsoft Corporation NT AUTHORITY\NETWORK SERVICE C:\Windows\ehome\ehsched.exe C:\Windows\ehome\ehsched.exe 6.0.6001.18000 HKLM\System\CurrentControlSet\Services\ehSched 64-bit System 0 ASLR 8 0:00:04.602 10:13:12 PM 12/03/2017
svchost.exe 3,000 K 7,088 K 1904 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\NETWORK SERVICE C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:13.041 10:13:41 PM 12/03/2017
svchost.exe 6,084 K 10,980 K 2004 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\LOCAL SERVICE C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k imgsvc 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:13.338 10:13:59 PM 12/03/2017
svchost.exe 7,840 K 11,512 K 276 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k iissvcs 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:05.631 10:14:06 PM 12/03/2017
svchost.exe 1,156 K 3,096 K 2076 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\svchost.exe C:\Windows\System32\svchost.exe -k WerSvcGroup 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:00.811 10:14:16 PM 12/03/2017
wmpnetwk.exe < 0.01 6,220 K 12,464 K 632 Windows Media Player Network Sharing Service Microsoft Corporation NT AUTHORITY\NETWORK SERVICE C:\Program Files\Windows Media Player\wmpnetwk.exe "C:\Program Files\Windows Media Player\wmpnetwk.exe" 11.0.6001.7000 HKLM\System\CurrentControlSet\Services\WMPNetworkSvc 64-bit System 0 ASLR 8 0:00:08.205 10:16:16 PM 12/03/2017
SearchIndexer.exe < 0.01 105,376 K 46,676 K 2288 Microsoft Windows Search Indexer Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\SearchIndexer.exe C:\Windows\system32\SearchIndexer.exe /Embedding 7.0.6002.18005 64-bit System 0 ASLR 8 0:02:55.891 10:19:10 PM 12/03/2017
SearchProtocolHost.exe 4,180 K 3,216 K 3768 Microsoft Windows Search Protocol Host Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\SearchProtocolHost.exe "C:\Windows\system32\SearchProtocolHost.exe" Global\UsGthrFltPipeMssGthrPipe2_ Global\UsGthrCtrlFltPipeMssGthrPipe2 1 -2147483646 "Software\Microsoft\Windows Search" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT; MS Search 4.0 Robot)" "C:\ProgramData\Microsoft\Search\Data\Temp\usgthrsvc" "DownLevelDaemon" 7.0.6002.18005 64-bit System 0 ASLR 8 0:00:04.789 11:19:49 PM 12/03/2017
SearchFilterHost.exe < 0.01 3,760 K 6,868 K 2456 Microsoft Windows Search Filter Host Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\SearchFilterHost.exe "C:\Windows\system32\SearchFilterHost.exe" 0 640 644 652 65536 648 7.0.6002.18005 64-bit Medium 0 ASLR 4 0:00:03.151 11:22:06 PM 12/03/2017
MBAMService.exe 38.57 437,760 K 459,292 K 2936 Malwarebytes Service Malwarebytes NT AUTHORITY\SYSTEM C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe "C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe" 3.1.0.415 HKLM\System\CurrentControlSet\Services\MBAMService 64-bit System 0 ASLR 8 0:14:05.868 10:20:30 PM 12/03/2017
svchost.exe 2,060 K 5,304 K 1616 Host Process for Windows Services Microsoft Corporation NT AUTHORITY\LOCAL SERVICE C:\Windows\System32\svchost.exe C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:20.607 10:21:29 PM 12/03/2017
lsass.exe < 0.01 4,112 K 2,000 K 968 Local Security Authority Process Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\lsass.exe C:\Windows\system32\lsass.exe 6.0.6002.18541 64-bit System 0 ASLR 9 0:00:54.366 10:07:25 PM 12/03/2017
lsm.exe 2,924 K 5,364 K 980 Local Session Manager Service Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\lsm.exe C:\Windows\system32\lsm.exe 6.0.6001.18000 64-bit System 0 ASLR 8 0:00:03.198 10:07:25 PM 12/03/2017
csrss.exe < 0.01 13,248 K 12,644 K 884 Client Server Runtime Process Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\csrss.exe C:\Windows\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ProfileControl=Off MaxRequestThreads=16 6.0.6001.18000 64-bit System 1 ASLR 13 0:02:25.720 10:07:21 PM 12/03/2017
winlogon.exe 2,744 K 7,592 K 932 Windows Logon Application Microsoft Corporation NT AUTHORITY\SYSTEM C:\Windows\System32\winlogon.exe winlogon.exe 6.0.6002.18005 64-bit System 1 ASLR 13 0:00:25.927 10:07:23 PM 12/03/2017
upeksvr.exe < 0.01 5,180 K 10,844 K 1136 Fingerprint Server Process for Vista UPEK Inc. NT AUTHORITY\SYSTEM C:\Program Files\Common Files\SPBA\upeksvr.exe "C:\Program Files\Common Files\SPBA\upeksvr.exe" 5.8.2.4217 64-bit System 1 8 0:00:10.420 10:09:22 PM 12/03/2017
CompPtcVUI.exe 6,052 K 10,708 K 1360 Arachnoid Biometrics Identification Group Corp. NT AUTHORITY\SYSTEM C:\Program Files (x86)\Acer\Acer Bio Protection\CompPtcVUI.exe "C:\Program Files (x86)\Acer\Acer Bio Protection\CompPtcVUI.exe" 5.0.0.0 32-bit System 1 8 0:00:09.391 10:09:36 PM 12/03/2017
explorer.exe 2.86 35,352 K 51,376 K 1948 Windows Explorer Microsoft Corporation NBOURGEA\smbourgea C:\Windows\explorer.exe C:\Windows\Explorer.EXE 6.0.6002.18005 HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell 64-bit Running Medium 1 ASLR 8 0:24:26.893 10:10:40 PM 12/03/2017
mbamtray.exe 13,472 K 16,896 K 1188 Malwarebytes Tray Application Malwarebytes NBOURGEA\smbourgea C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe "C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe" 3.0.0.912 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\Malwarebytes TrayApp 32-bit Medium 1 ASLR 8 0:00:12.854 10:12:09 PM 12/03/2017
SynTPEnh.exe < 0.01 3,744 K 10,384 K 1380 Synaptics TouchPad Enhancements Synaptics, Inc. NBOURGEA\smbourgea C:\Program Files\Synaptics\SynTP\SynTPEnh.exe "C:\Program Files\Synaptics\SynTP\SynTPEnh.exe" 11.1.4.0 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\SynTPEnh 64-bit Medium 1 10 0:00:08.392 10:12:37 PM 12/03/2017
wmpnscfg.exe 2,320 K 7,016 K 2900 Windows Media Player Network Sharing Service Configuration Application Microsoft Corporation NBOURGEA\smbourgea C:\Program Files\Windows Media Player\wmpnscfg.exe "C:\Program Files\Windows Media Player\wmpnscfg.exe" 11.0.6001.7000 64-bit Medium 1 ASLR 8 0:00:02.730 10:23:17 PM 12/03/2017
Autoruns64.exe 12.86 19,488 K 35,872 K 3752 Autostart program viewer Sysinternals - www.sysinternals.com NBOURGEA\smbourgea C:\Autoruns\Autoruns64.exe "C:\Autoruns\Autoruns64.exe" 13.70.0.0 64-bit Running High 1 ASLR 8 0:20:26.932 10:54:47 PM 12/03/2017
procexp64.exe 15.71 26,044 K 38,292 K 2328 Sysinternals Process Explorer Sysinternals - www.sysinternals.com NBOURGEA\smbourgea C:\ProcessExplorer\procexp64.exe "C:\ProcessExplorer\procexp64.exe" 16.20.0.0 64-bit Not responding High 1 ASLR 13 0:10:19.089 11:03:59 PM 12/03/2017
PdtWzd.exe < 0.01 6,440 K 12,416 K 2064 PdtWzd.exe Arachnoid Biometrics Identification Group Corp. NBOURGEA\smbourgea C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe "C:\Program Files (x86)\Acer\Acer Bio Protection\PdtWzd.exe" show 6.0.0.2 HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\ZPdtWzdVitaKey MC3000 32-bit Medium 1 8 0:00:25.178 10:14:14 PM 12/03/2017
eAudio.exe 7,132 K 11,264 K 2208 Notification tool for RealTek audio chip Acer Incorporated NBOURGEA\smbourgea C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe "C:\Program Files\Acer\Empowering Technology\eAudio\eAudio.exe" 3.0.3008.0 HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run\eAudio 64-bit Medium 1 8 0:00:19.359 10:14:33 PM 12/03/2017
CCleaner64.exe < 0.01 15,004 K 17,940 K 2672 CCleaner Piriform Ltd NBOURGEA\smbourgea C:\Program Files\CCleaner\CCleaner64.exe "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR /uac 5.27.0.5976 HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\CCleaner Monitoring 64-bit High 1 ASLR 6 0:01:15.286 10:22:44 PM 12/03/2017