DDS (Ver_2012-11-20.01) - NTFS_AMD64 Internet Explorer: 11.0.10240.16603 BrowserJavaVersion: 11.31.2 Run by at 17:48:30 on 2016-04-23 Microsoft Windows 10 Home 10.0.10240.0.1252.47.1033.18.16346.13020 [GMT 2:00] . AV: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} . ============== Running Processes =============== . C:\WINDOWS\system32\svchost.exe -k DcomLaunch C:\WINDOWS\system32\svchost.exe -k RPCSS C:\WINDOWS\system32\dwm.exe C:\WINDOWS\system32\svchost.exe -k netsvcs C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation C:\WINDOWS\system32\atiesrxx.exe C:\Windows\System32\WUDFHost.exe C:\WINDOWS\system32\atieclxx.exe C:\WINDOWS\system32\svchost.exe -k LocalService C:\Program Files (x86)\Creative\Shared Files\CTAudSvc.exe C:\WINDOWS\system32\svchost.exe -k NetworkService C:\WINDOWS\System32\spoolsv.exe C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe C:\Program Files\Intel\iCLS Client\HeciServer.exe C:\Windows\system32\IProsetMonitor.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe C:\WINDOWS\system32\svchost.exe -k apphost C:\WINDOWS\System32\svchost.exe -k utcsvc D:\SUPERAntispy\SASCORE64.EXE C:\WINDOWS\SysWOW64\lkads.exe C:\WINDOWS\system32\mqsvc.exe C:\WINDOWS\system32\svchost.exe -k iissvcs C:\WINDOWS\system32\dashost.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\MAX\nimxs.exe C:\WINDOWS\SysWOW64\lkcitdl.exe C:\Program Files\Reason\Security\rsEngineSvc.exe C:\WINDOWS\SysWOW64\lktsrv.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\niSvcLoc\nisvcloc.exe C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\niauth\niauth_daemon.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\Security\nidmsrv.exe C:\WINDOWS\system32\svchost.exe -k imgsvc C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\mDNS Responder\nimdnsResponder.exe C:\WINDOWS\system32\svchost.exe -k appmodel C:\Program Files (x86)\Popcorn Time\Updater.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI Network Discovery\niDiscSvc.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\Tagger\tagsrv.exe C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI WebServer\SystemWebServer.exe C:\WINDOWS\system32\wbem\wmiprvse.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI WebServer\ApplicationWebServer.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI WebServer\NIWebServiceContainer.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI WebServer\NIWebServiceContainer.exe svchost.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe C:\WINDOWS\system32\SearchIndexer.exe C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe C:\WINDOWS\system32\taskhostw.exe C:\WINDOWS\system32\sihost.exe C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_bg.exe C:\Program Files (x86)\MSI Afterburner\MSIAfterburner.exe C:\WINDOWS\Explorer.EXE C:\Windows\System32\RuntimeBroker.exe C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe C:\Program Files\Windows Defender\MpCmdRun.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe C:\Windows\System32\rundll32.exe C:\Windows\System32\rundll32.exe C:\Program Files\Logitech\Gaming Software\LWEMon.exe C:\Program Files\Logitech Gaming Software\LCore.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files\AMD\CNext\CNext\cnext.exe C:\Users\\AppData\Local\Microsoft\OneDrive\OneDrive.exe C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe C:\WINDOWS\system32\wbem\unsecapp.exe D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI Error Reporting\nierserver.exe C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe D:\PowerISO\PWRISOVM.EXE C:\PROGRA~2\Raptr\raptr.exe C:\PROGRA~2\Raptr\raptr_im.exe C:\Program Files (x86)\RivaTuner Statistics Server\RTSS.exe C:\Program Files (x86)\RivaTuner Statistics Server\EncoderServer.exe C:\Program Files (x86)\RivaTuner Statistics Server\RTSSHooksLoader64.exe C:\Program Files (x86)\Raptr\raptr_ep64.exe C:\Program Files\Reason\Security\rsUI.exe C:\WINDOWS\system32\fontdrvhost.exe C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Users\\AppData\Roaming\uTorrent\uTorrent.exe C:\Users\\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe C:\Users\\AppData\Roaming\uTorrent\updates\3.4.6_42094\utorrentie.exe C:\WINDOWS\system32\ApplicationFrameHost.exe C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_10.1601.19020.0_x64__8wekyb3d8bbwe\Calculator.exe C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\Program Files (x86)\Google\Chrome\Application\chrome.exe C:\WINDOWS\System32\cscript.exe . ============== Pseudo HJT Report =============== . uSearch Bar = Preserve uSearchAssistant = www.google.com BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - D:\word\Office14\URLREDIR.DLL BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll uRun: [OneDrive] "C:\Users\\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background mRun: [StartCCC] "C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun mRun: [ZyngaGamesAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect\ZyngaGamesAgent.exe" mRun: [STCAgent] "C:\Program Files (x86)\Splashtop\Splashtop Connect IE\STCAgent.exe" mRun: [THX Audio Control Panel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\THXAudioCP\THXAudio.exe" /r mRun: [VolPanel] "C:\Program Files (x86)\Creative\Sound Blaster X-Fi MB 2\Sound Blaster Panel\VolPanlu.exe" /r mRun: [USB3MON] "C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe" mRun: [Raptr] "C:\Program Files (x86)\Raptr\raptrstub.exe" --startup mRun: [BCSSync] "D:\word\Office14\BCSSync.exe" /DelayServices mRun: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" mRun: [PCFIXTRAYHINZJ] c:\pcfiXtrayydafu.lnk mRun: [PCFIXTRAYFIMGU] c:\pcfiXtrayggczr.lnk mRun: [PCFIXTRAYEOWNI] c:\pcfiXtrayeekfq.lnk mRun: [PWRISOVM.EXE] D:\PowerISO\PWRISOVM.EXE -startup StartupFolder: C:\Users\\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\OPENOF~1.LNK - C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\NIERRO~1.LNK - D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI Error Reporting\nierserver.exe uPolicies-Explorer: NoDrives = dword:0 uPolicies-Explorer: NoDriveTypeAutoRun = dword:145 mPolicies-Explorer: NoDrives = dword:0 mPolicies-Explorer: NoDriveTypeAutoRun = dword:221 mPolicies-System: DSCAutomationHostEnabled = dword:2 TCP: NameServer = 192.168.137.1 TCP: Interfaces\{576f0f55-6ec7-4eba-b649-f911dd05108c} : NameServer = 138.201.48.176,8.8.8.8 TCP: Interfaces\{576f0f55-6ec7-4eba-b649-f911dd05108c} : DHCPNameServer = 192.168.137.1 Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll SSODL: WebCheck - mASetup: {65122CB0-EA0F-47DF-A953-017170ED12F9} - "C:\Program Files (x86)\UCBrowser\Application\5.6.11466.7\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level mASetup: {8A69D345-D564-463c-AFF1-A69D9E530F96} - "C:\Program Files (x86)\Google\Chrome\Application\49.0.2623.112\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --multi-install --chrome CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll x64-BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL x64-BHO: Java(tm) Plug-In 2 SSV Helper: {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll x64-Run: [RTHDVCPL] "C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe" -s x64-Run: [THXCfg64] C:\WINDOWS\System32\RunDLL32.exe C:\WINDOWS\System32\THXCfg64.dll,RunDLLEntry THXCfg64 x64-Run: [RunDLLEntry] C:\WINDOWS\System32\RunDLL32.exe C:\WINDOWS\System32\AmbRunE.dll,RunDLLEntry x64-Run: [IgfxTray] C:\WINDOWS\System32\igfxtray.exe x64-Run: [HotKeysCmds] C:\WINDOWS\System32\hkcmd.exe x64-Run: [Persistence] C:\WINDOWS\System32\igfxpers.exe x64-Run: [Start WingMan Profiler] C:\Program Files\Logitech\Gaming Software\LWEMon.exe /noui x64-Run: [Launch LCore] C:\Program Files\Logitech Gaming Software\LCore.exe /minimized x64-Run: [StartCN] "C:\Program Files\AMD\CNext\CNext\cnext.exe" atlogon x64-Run: [IAStorIcon] "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIconLaunch.exe" "C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe" 60 x64-mPolicies-Explorer: NoDrives = dword:0 x64-mPolicies-Explorer: NoDriveTypeAutoRun = dword:221 x64-mPolicies-System: DSCAutomationHostEnabled = dword:2 x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll x64-SSODL: WebCheck - x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll Hosts: 0.0.0.0 0.0.0.0 # fix for traceroute and netstat display anomaly Hosts: 0.0.0.0 tracking.opencandy.com.s3.amazonaws.com Hosts: 0.0.0.0 media.opencandy.com Hosts: 0.0.0.0 cdn.opencandy.com Hosts: 0.0.0.0 tracking.opencandy.com . Note: multiple HOSTS entries found. Please refer to Attach.txt . ============= SERVICES / DRIVERS =============== . R0 iaStorA;iaStorA;C:\WINDOWS\System32\drivers\iaStorA.sys [2015-11-12 1467912] R0 iusb3hcs;Intel(R) USB 3.0 Host Controller Switch Driver;C:\WINDOWS\System32\drivers\iusb3hcs.sys [2012-10-3 16152] R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2015-7-10 106520] R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2015-7-10 17944] R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2015-8-20 200528] R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2015-7-10 215552] R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver;C:\WINDOWS\System32\drivers\dtsoftbus01.sys [2012-10-12 283200] R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2015-7-10 83968] R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2015-12-9 8192] R1 SASDIFSV;SASDIFSV;D:\SUPERAntispy\sasdifsv64.sys [2011-7-22 14928] R1 SASKUTIL;SASKUTIL;D:\SUPERAntispy\saskutil64.sys [2011-7-12 12368] R1 UCGuard;UCGuard;C:\WINDOWS\System32\drivers\ucguard.sys [2016-4-12 80768] R2 !SASCORE;SAS Core Service;D:\SUPERAntispy\SASCore64.exe [2014-7-23 172344] R2 AMD External Events Utility;AMD External Events Utility;C:\WINDOWS\System32\atiesrxx.exe [2015-12-16 254992] R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2015-7-10 39856] R2 DiagTrack;Diagnostics Tracking Service;C:\WINDOWS\System32\svchost.exe -k utcsvc [2015-7-10 39856] R2 IAStorDataMgrSvc;Intel(R) Rapid Storage Technology;C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [2015-11-4 19440] R2 Intel(R) Capability Licensing Service Interface;Intel(R) Capability Licensing Service Interface;C:\Program Files\Intel\iCLS Client\HeciServer.exe [2011-12-8 607456] R2 Intel(R) PROSet Monitoring Service;Intel(R) PROSet Monitoring Service;C:\WINDOWS\System32\IPROSetMonitor.exe [2012-10-3 171688] R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe [2012-10-3 161560] R2 NIApplicationWebServer;NI Application Web Server;D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI WebServer\ApplicationWebServer.exe [2014-11-21 57184] R2 niauth;NI Authentication Service;D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\niauth\niauth_daemon.exe [2014-10-23 569152] R2 nimDNSResponder;NI mDNS Responder Service;D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\mDNS Responder\nimdnsResponder.exe [2014-6-6 320368] R2 NINetworkDiscovery;NI Network Discovery;D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI Network Discovery\niDiscSvc.exe [2014-6-19 177536] R2 NISystemWebServer;NI System Web Server;D:\National Instruments Downloads\NI Circuit Design Suite Education\NI Circuit Design Suite Education\Shared\NI WebServer\SystemWebServer.exe [2014-11-21 57168] R2 rscp;Reason Core Security Bundle Protection;C:\Program Files\Reason\Security\Protection\rscp\bin\rscp_svc.exe [2016-4-12 254904] R2 rsEngineSvc;Reason Core Security Engine Service;C:\Program Files\Reason\Security\rsEngineSvc.exe [2015-12-24 82680] R2 SSUService;Splashtop Software Updater Service;C:\Program Files (x86)\Splashtop\Splashtop Software Updater\SSUService.exe [2013-8-7 609056] R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2015-7-10 61952] R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856] R2 UNS;Intel(R) Management and Security Application User Notification Service;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [2012-10-3 363800] R2 Update service;Update service;C:\Program Files (x86)\Popcorn Time\Updater.exe [2015-8-24 339968] R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] R2 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2015-7-10 119648] R3 AtiHDAudioService;AMD Function Driver for HD Audio Service;C:\WINDOWS\System32\drivers\AtihdWT6.sys [2015-7-22 102912] R3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856] R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2015-7-10 129224] R3 LGBusEnum;Logitech GamePanel Virtual Bus Enumerator Driver;C:\WINDOWS\System32\drivers\LGBusEnum.sys [2009-11-24 22408] R3 LGSHidFilt;Logitech Gaming KMDF HID Filter Driver;C:\WINDOWS\System32\drivers\LGSHidFilt.Sys [2013-5-30 64280] R3 LGSUsbFilt;Logitech Gaming KMDF USB Filter Driver;C:\WINDOWS\System32\drivers\LGSUsbFilt.sys [2013-5-30 41752] R3 LGVirHid;Logitech Gamepanel Virtual HID Device Driver;C:\WINDOWS\System32\drivers\LGVirHid.sys [2009-11-24 16008] R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856] R3 MBAMSwissArmy;MBAMSwissArmy;C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys [2014-9-11 192216] R3 MBfilt;MBfilt;C:\WINDOWS\System32\drivers\MBfilt64.sys [2015-6-24 41088] R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2015-7-10 20992] R3 RTCore64;RTCore64;C:\Program Files (x86)\MSI Afterburner\RTCore64.sys [2015-5-27 13536] R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856] R3 WDC_SAM;WD SCSI Pass Thru driver;C:\WINDOWS\System32\drivers\wdcsam64.sys [2008-5-6 14464] R3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2015-7-10 362928] R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2015-7-10 214016] S1 AppleCharger;AppleCharger;C:\WINDOWS\System32\drivers\AppleCharger.sys [2012-10-3 21616] S2 AdBlockerService;AdBlockerService;"C:\Program Files (x86)\AdBlocker\Service.WinServiceHost.exe" --> C:\Program Files (x86)\AdBlocker\Service.WinServiceHost.exe [?] S2 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2015-7-10 39856] S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2015-7-10 1135456] S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856] S3 amdkmafd;AMD Audio Bus Lower Filter;C:\WINDOWS\System32\drivers\amdkmafd.sys [2015-7-28 40720] S3 AppleChargerSrv;AppleChargerSrv;system32\AppleChargerSrv.exe --> system32\AppleChargerSrv.exe [?] S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2015-7-10 39856] S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2015-7-10 39856] S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2015-7-10 17624] S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2015-7-10 39856] S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2015-10-14 36352] S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2015-7-10 116736] S3 CDPSvc;CDPSvc;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856] S3 Creative ALchemy AL6 Licensing Service;Creative ALchemy AL6 Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\AL6Licensing.exe [2012-10-3 79360] S3 Creative Audio Engine Licensing Service;Creative Audio Engine Licensing Service;C:\Program Files (x86)\Common Files\Creative Labs Shared\Service\CTAELicensing.exe [2012-10-3 79360] S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-1-13 108800] S3 diagnosticshub.standardcollector.service;Microsoft (R) Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2015-7-10 27136] S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 embeddedmode;embeddedmode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856] S3 etdrv;etdrv;C:\Windows\etdrv.sys [2012-10-6 25640] S3 fcvsc;fcvsc;C:\WINDOWS\System32\drivers\fcvsc.sys [2015-7-10 31232] S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2015-7-10 20992] S3 GVTDrv64;GVTDrv64;C:\Windows\GVTDrv64.sys [2012-10-3 30528] S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2015-7-10 50016] S3 hitmanpro37;HitmanPro 3.7 Support Driver;C:\WINDOWS\System32\drivers\hitmanpro37.sys [2014-9-14 32512] S3 iaLPSSi_GPIO;Intel(R) Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2015-7-10 38128] S3 iaLPSSi_I2C;Intel(R) Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2015-7-10 122608] S3 iaStorAV;Intel(R) SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2015-7-10 673120] S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2015-7-10 424800] S3 ICCS;Intel(R) Integrated Clock Controller Service - Intel(R) ICCS;C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe [2012-10-3 160256] S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856] S3 IEEtwCollectorService;Internet Explorer ETW Collector Service;C:\WINDOWS\System32\ieetwcollector.exe [2015-7-10 115200] S3 intelpep;Intel(R) Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2015-7-10 43872] S3 IoQos;IoQos;C:\WINDOWS\System32\drivers\ioqos.sys [2015-7-10 26624] S3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2015-7-10 104800] S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2015-7-10 99168] S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2015-7-10 705376] S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2015-7-10 76128] S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 netvsc;netvsc;C:\WINDOWS\System32\drivers\netvsc.sys [2015-7-10 94720] S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2015-7-10 39856] S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\lsass.exe [2015-7-10 56344] S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2015-7-10 58208] S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2015-7-10 58720] S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2015-8-20 934752] S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2015-8-20 1031680] S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2015-7-10 155488] S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2015-7-10 39856] S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-3-28 214832] S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2015-8-20 80720] S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2015-7-10 40288] S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2015-7-10 61952] S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2015-8-20 46080] S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2015-7-10 44032] S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2015-7-10 28512] S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2015-7-10 245088] S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2015-7-10 94048] S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2015-7-10 127840] S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2015-7-10 28512] S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2015-7-10 57696] S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2015-7-10 27488] S3 UsoSvc;Update Orchestrator Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2015-7-10 31744] S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 vmicvmsession;Hyper-V VM Session Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2015-7-10 39856] S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2015-7-10 39856] S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2015-7-10 39856] S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2015-8-20 685568] S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2015-7-10 39856] S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2015-7-10 26976] S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2015-7-10 59232] S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2015-7-10 39856] S3 WpnService;Windows Push Notifications Service;C:\WINDOWS\System32\svchost.exe -k wswpnservice [2015-7-10 39856] S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2015-7-10 222720] S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2015-7-10 39856] S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2015-7-10 25600] S3 xusb22;Xbox 360 Wireless Receiver Driver Service 22;C:\WINDOWS\System32\drivers\xusb22.sys [2015-7-10 95744] S4 NIApplicationWebServer64;NI Application Web Server (64-bit);C:\Program Files\National Instruments\Shared\NI WebServer\ApplicationWebServer.exe [2014-11-21 80736] . =============== File Associations =============== . FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice] ShellExec: opera.exe: open="C:\Program Files (x86)\Opera\Launcher.exe" "%1" . =============== Created Last 30 ================ . 2016-04-23 15:46:05 16148 ----a-w- C:\WINDOWS\System32\PC_ _HistoryPrediction.bin 2016-04-23 15:00:19 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5E89D786-C093-4D65-98D3-3CDB02674226}\gapaengine.dll 2016-04-23 15:00:14 11686560 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{B74598CE-7DFB-4832-9848-E35F0AF046E9}\mpengine.dll 2016-04-22 10:01:13 11686560 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll 2016-04-20 18:43:58 137280 ----a-w- C:\WINDOWS\System32\drivers\scdemu.sys 2016-04-16 13:15:23 1190000 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{75F00945-D1A1-4DAF-A851-B5CE977D58E0}\gapaengine.dll 2016-04-12 19:40:59 983904 ----a-w- C:\WINDOWS\System32\SecConfig.efi 2016-04-12 17:24:49 -------- d-----w- C:\ProgramData\Reason 2016-04-12 17:23:58 -------- d-----w- C:\Program Files\Reason 2016-04-12 16:36:04 -------- d-----w- C:\AdwCleaner 2016-04-12 15:44:48 -------- d-----w- C:\SUPERDelete 2016-04-12 15:29:47 -------- d-----w- C:\ProgramData\TXQMPC 2016-04-12 15:29:47 -------- d-----w- C:\Program Files\Common Files\Tencent 2016-04-12 15:29:46 128312 ----a-w- C:\WINDOWS\System32\drivers\TAOKernelEx64.sys 2016-04-12 15:29:39 -------- d-----w- C:\Program Files (x86)\Common Files\Tencent 2016-04-12 15:29:11 -------- d-----w- C:\Program Files (x86)\Tencent 2016-04-12 15:29:07 -------- d-----w- C:\Users\\AppData\Roaming\Tencent 2016-04-12 15:29:06 -------- d-----w- C:\ProgramData\Tencent 2016-04-12 15:18:58 80768 ----a-w- C:\WINDOWS\System32\drivers\ucguard.sys 2016-04-12 15:18:58 -------- d-----w- C:\Users\\AppData\Local\UCBrowser 2016-04-12 15:18:51 -------- d-----w- C:\Program Files (x86)\UCBrowser 2016-04-12 15:18:49 -------- d-----w- C:\Users\\AppData\Local\GetGo 2016-04-12 15:18:47 -------- d-----w- C:\Users\\AppData\Roaming\GetGo Software 2016-04-02 19:19:50 -------- d-----w- C:\Intel 2016-04-02 19:14:51 -------- d-----w- C:\Users\\Intel 2016-03-28 16:54:09 214832 ----a-w- C:\WINDOWS\System32\drivers\ssudmdm.sys . ==================== Find3M ==================== . 2016-04-23 15:47:47 192216 ----a-w- C:\WINDOWS\System32\drivers\MBAMSwissArmy.sys 2016-04-22 07:57:45 453288 ------w- C:\WINDOWS\System32\MpSigStub.exe 2016-04-06 18:32:41 829944 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe 2016-04-06 18:32:41 176632 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl 2016-03-29 06:40:50 3587584 ----a-w- C:\WINDOWS\System32\win32kfull.sys 2016-03-29 06:40:43 1381376 ----a-w- C:\WINDOWS\System32\win32kbase.sys 2016-03-25 07:14:46 7525376 ----a-w- C:\WINDOWS\System32\Chakra.dll 2016-03-25 06:54:39 5457408 ----a-w- C:\WINDOWS\SysWow64\Chakra.dll 2016-03-16 04:56:27 1022664 ----a-w- C:\WINDOWS\System32\winresume.efi 2016-03-16 04:56:20 861512 ----a-w- C:\WINDOWS\System32\winresume.exe 2016-03-16 04:56:00 3467784 ----a-w- C:\WINDOWS\System32\WSService.dll 2016-03-16 04:55:53 601344 ----a-w- C:\WINDOWS\System32\drivers\cng.sys 2016-03-16 04:55:53 1951872 ----a-w- C:\WINDOWS\System32\KernelBase.dll 2016-03-16 04:55:49 1299032 ----a-w- C:\WINDOWS\System32\winload.efi 2016-03-16 04:55:49 1127024 ----a-w- C:\WINDOWS\System32\winload.exe 2016-03-16 04:55:32 2495768 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll 2016-03-16 04:54:03 595016 ----a-w- C:\WINDOWS\System32\Windows.Internal.Shell.Broker.dll 2016-03-16 04:47:07 801632 ----a-w- C:\WINDOWS\System32\WWAHost.exe 2016-03-16 04:46:01 658568 ----a-w- C:\WINDOWS\System32\ClipSVC.dll 2016-03-16 04:45:57 140536 ----a-w- C:\WINDOWS\System32\AuthHost.exe 2016-03-16 04:41:42 208736 ----a-w- C:\WINDOWS\System32\AppxAllUserStore.dll 2016-03-16 04:41:27 607416 ----a-w- C:\WINDOWS\System32\fontdrvhost.exe 2016-03-16 04:37:02 1010016 ----a-w- C:\WINDOWS\System32\drivers\http.sys 2016-03-16 04:21:29 1531888 ----a-w- C:\WINDOWS\SysWow64\KernelBase.dll 2016-03-16 04:21:27 1767000 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll 2016-03-16 04:11:56 700256 ----a-w- C:\WINDOWS\SysWow64\WWAHost.exe 2016-03-16 04:08:13 151552 ----a-w- C:\WINDOWS\System32\MusNotification.exe 2016-03-16 04:06:10 181088 ----a-w- C:\WINDOWS\SysWow64\AppxAllUserStore.dll 2016-03-16 04:05:47 539728 ----a-w- C:\WINDOWS\SysWow64\fontdrvhost.exe 2016-03-16 04:03:45 76800 ----a-w- C:\WINDOWS\System32\browserbroker.dll 2016-03-16 04:03:23 911360 ----a-w- C:\WINDOWS\System32\SharedStartModel.dll 2016-03-16 04:00:08 21859840 ----a-w- C:\WINDOWS\System32\edgehtml.dll 2016-03-16 03:56:26 194048 ----a-w- C:\WINDOWS\System32\SharedStartModelShim.dll 2016-03-16 03:56:00 223232 ----a-w- C:\WINDOWS\System32\PhoneCallHistoryApis.dll 2016-03-16 03:55:59 257024 ----a-w- C:\WINDOWS\System32\UserDataAccountApis.dll 2016-03-16 03:55:44 23552 ----a-w- C:\WINDOWS\System32\ExtrasXmlParser.dll 2016-03-16 03:55:14 243200 ----a-w- C:\WINDOWS\System32\updatehandlers.dll 2016-03-16 03:55:14 183296 ----a-w- C:\WINDOWS\System32\fwbase.dll 2016-03-16 03:51:18 348672 ----a-w- C:\WINDOWS\System32\usocore.dll 2016-03-16 03:51:11 334848 ----a-w- C:\WINDOWS\System32\MusUpdateHandlers.dll 2016-03-16 03:49:41 1416192 ----a-w- C:\WINDOWS\System32\lsasrv.dll 2016-03-16 03:49:33 850432 ----a-w- C:\WINDOWS\System32\samsrv.dll 2016-03-16 03:47:30 856576 ----a-w- C:\WINDOWS\System32\MPSSVC.dll 2016-03-16 03:47:08 511488 ----a-w- C:\WINDOWS\System32\FirewallAPI.dll 2016-03-16 03:47:05 25600 ----a-w- C:\WINDOWS\System32\wfapigp.dll 2016-03-16 03:46:58 196096 ----a-w- C:\WINDOWS\System32\fwpolicyiomgr.dll 2016-03-16 03:44:00 1016832 ----a-w- C:\WINDOWS\System32\RDXService.dll 2016-03-16 03:43:26 147456 ----a-w- C:\WINDOWS\System32\mtxoci.dll 2016-03-16 03:43:21 573952 ----a-w- C:\WINDOWS\System32\Windows.Cortana.Desktop.dll 2016-03-16 03:42:51 1290240 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll 2016-03-16 03:42:22 2180608 ----a-w- C:\WINDOWS\System32\AppXDeploymentServer.dll 2016-03-16 03:42:16 181760 ----a-w- C:\WINDOWS\System32\shutdownux.dll 2016-03-16 03:41:10 950272 ----a-w- C:\WINDOWS\System32\kerberos.dll 2016-03-16 03:40:53 135168 ----a-w- C:\WINDOWS\System32\AuthBroker.dll 2016-03-16 03:40:47 322048 ----a-w- C:\WINDOWS\System32\vaultsvc.dll 2016-03-16 03:40:42 280576 ----a-w- C:\WINDOWS\System32\vaultcli.dll 2016-03-16 03:40:36 324096 ----a-w- C:\WINDOWS\System32\profsvc.dll 2016-03-16 03:40:35 95232 ----a-w- C:\WINDOWS\System32\samlib.dll 2016-03-16 03:40:32 931840 ----a-w- C:\WINDOWS\System32\AppxPackaging.dll 2016-03-16 03:40:17 214528 ----a-w- C:\WINDOWS\System32\Windows.Devices.Scanners.dll 2016-03-16 03:40:08 158208 ----a-w- C:\WINDOWS\System32\AppxSip.dll 2016-03-16 03:39:44 3363328 ----a-w- C:\WINDOWS\System32\msi.dll 2016-03-16 03:39:35 414208 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll 2016-03-16 03:39:11 81920 ----a-w- C:\WINDOWS\System32\AppxSysprep.dll 2016-03-16 03:38:04 1423872 ----a-w- C:\WINDOWS\System32\UserDataService.dll 2016-03-16 03:37:26 1521664 ----a-w- C:\WINDOWS\System32\ActiveSyncProvider.dll 2016-03-16 03:37:20 114688 ----a-w- C:\WINDOWS\System32\FontProvider.dll 2016-03-16 03:37:13 752640 ----a-w- C:\WINDOWS\System32\ChatApis.dll 2016-03-16 03:37:13 288256 ----a-w- C:\WINDOWS\System32\PimIndexMaintenance.dll 2016-03-16 03:37:03 856576 ----a-w- C:\WINDOWS\System32\ContactApis.dll 2016-03-16 03:37:00 685568 ----a-w- C:\WINDOWS\System32\AppointmentApis.dll 2016-03-16 03:35:43 607744 ----a-w- C:\WINDOWS\System32\AppxApplicabilityEngine.dll 2016-03-16 03:35:16 1794560 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.dll 2016-03-16 03:35:14 145408 ----a-w- C:\WINDOWS\System32\dssvc.dll 2016-03-16 03:35:10 246272 ----a-w- C:\WINDOWS\System32\PackageStateRoaming.dll 2016-03-16 03:35:03 185344 ----a-w- C:\WINDOWS\System32\psmsrv.dll 2016-03-16 03:34:30 1871872 ----a-w- C:\WINDOWS\System32\msxml3.dll 2016-03-16 03:33:34 670208 ----a-w- C:\WINDOWS\System32\ieproxy.dll 2016-03-16 03:32:04 65024 ----a-w- C:\WINDOWS\System32\basesrv.dll 2016-03-16 03:31:26 195584 ----a-w- C:\WINDOWS\SysWow64\UserDataAccountApis.dll 2016-03-16 03:31:24 172032 ----a-w- C:\WINDOWS\SysWow64\PhoneCallHistoryApis.dll 2016-03-16 03:31:14 18944 ----a-w- C:\WINDOWS\SysWow64\ExtrasXmlParser.dll 2016-03-16 03:28:22 163328 ----a-w- C:\WINDOWS\SysWow64\fwbase.dll 2016-03-16 03:27:23 161792 ----a-w- C:\WINDOWS\SysWow64\msorcl32.dll 2016-03-16 03:24:53 365056 ----a-w- C:\WINDOWS\SysWow64\FirewallAPI.dll 2016-03-16 03:24:36 19456 ----a-w- C:\WINDOWS\SysWow64\wfapigp.dll 2016-03-16 03:24:25 163840 ----a-w- C:\WINDOWS\SysWow64\fwpolicyiomgr.dll 2016-03-16 03:21:37 18796544 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll 2016-03-16 03:20:41 118272 ----a-w- C:\WINDOWS\SysWow64\mtxoci.dll 2016-03-16 03:18:15 768000 ----a-w- C:\WINDOWS\SysWow64\kerberos.dll 2016-03-16 03:18:04 104960 ----a-w- C:\WINDOWS\SysWow64\AuthBroker.dll 2016-03-16 03:17:46 203776 ----a-w- C:\WINDOWS\SysWow64\vaultcli.dll 2016-03-16 03:17:39 60928 ----a-w- C:\WINDOWS\SysWow64\samlib.dll 2016-03-16 03:17:35 842240 ----a-w- C:\WINDOWS\SysWow64\AppxPackaging.dll 2016-03-16 03:17:28 168448 ----a-w- C:\WINDOWS\SysWow64\Windows.Devices.Scanners.dll 2016-03-16 03:17:14 133120 ----a-w- C:\WINDOWS\SysWow64\AppxSip.dll 2016-03-16 03:17:01 3680256 ----a-w- C:\WINDOWS\SysWow64\msi.dll 2016-03-16 03:16:24 311808 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll 2016-03-16 03:14:21 557568 ----a-w- C:\WINDOWS\SysWow64\ChatApis.dll 2016-03-16 03:14:08 579584 ----a-w- C:\WINDOWS\SysWow64\AppointmentApis.dll . ============= FINISH: 17:48:47,84 ===============