Data File Corruption and Renaming


  • This topic is locked
5 replies to this topic

#1 Morty-MSSE


Posted 27 December 2016 - 01:47 PM

As indicated in my previous post, all of my data has been corrupted and the data file has been renamed to a random name with the file extension *.A1E1. As requested, here are the results from the DDS scan:

 

DDS (Ver_2012-11-20.01) - NTFS_AMD64
Internet Explorer: 11.0.14393.0
Run by sytro at 10:18:53 on 2016-12-27
Microsoft Windows 10 Pro  10.0.14393.0.1252.1.1033.18.16372.12934 [GMT -8:00]
.
AV: PC Matic Super Shield *Enabled/Updated* {A75D148F-9EA0-5C05-DCC3-E2888D63FFEC}
AV: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: PC Matic Super Shield *Enabled/Updated* {1C3CF56B-B89A-538B-E673-D9FAF6E4B551}
SP: Windows Defender *Disabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
============== Running Processes ===============
.
C:\WINDOWS\system32\svchost.exe -k DcomLaunch
C:\WINDOWS\system32\svchost.exe -k RPCSS
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k netsvcs
C:\WINDOWS\System32\svchost.exe -k NetworkService
C:\Windows\System32\WUDFHost.exe
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalServiceNoNetwork
C:\WINDOWS\system32\svchost.exe -k LocalService
C:\Windows\System32\WUDFHost.exe
C:\WINDOWS\system32\dashost.exe
C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe
C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe
C:\Program Files (x86)\Stardock\Start10\Start10_64.exe
C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceNetworkRestricted
C:\WINDOWS\system32\svchost.exe -k LocalSystemNetworkRestricted
C:\WINDOWS\System32\spoolsv.exe
C:\WINDOWS\system32\svchost.exe -k apphost
C:\WINDOWS\System32\svchost.exe -k utcsvc
C:\WINDOWS\system32\ftvspksrv.exe
C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
C:\WINDOWS\System32\drivers\o2flash.exe
C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe
c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
C:\WINDOWS\system32\svchost.exe -k iissvcs
c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
C:\WINDOWS\system32\svchost.exe -k imgsvc
C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
C:\WINDOWS\system32\DbxSvc.exe
C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
C:\WINDOWS\system32\svchost.exe -k appmodel
C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
C:\WINDOWS\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\WINDOWS\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\WINDOWS\System32\vds.exe
C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
C:\WINDOWS\system32\svchost.exe -k UnistackSvcGroup
C:\WINDOWS\system32\sihost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\Windows\System32\RuntimeBroker.exe
C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
C:\Program Files (x86)\TeamViewer\TeamViewer.exe
C:\WINDOWS\system32\SearchIndexer.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\SearchUI.exe
C:\Program Files (x86)\TeamViewer\tv_w32.exe
C:\Program Files (x86)\TeamViewer\tv_x64.exe
C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
C:\WINDOWS\system32\AUDIODG.EXE
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
C:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\PUA.EXE
C:\Program Files\Logitech\SetPointP\SetPoint.exe
C:\Program Files\Windows Defender\MSASCuiL.exe
C:\Users\sytro\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Windows\System32\rundll32.exe
C:\Users\sytro\AppData\Local\Amazon Music\Amazon Music Helper.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
C:\Program Files (x86)\Skype\Phone\Skype.exe
C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
C:\Program Files\FlexRadio Systems\SmartSDR\DAX\DAX.exe
C:\Program Files (x86)\PKWARE\PKZIPM\14.20.0015\PKTray.exe
C:\Windows\SysWoW64\MAFWDITray.exe
C:\Program Files\FlexRadio Systems\SmartSDR\SmartSDR CAT\Cat.exe
C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe
C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe
C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files (x86)\Stardock\ObjectDock\Dock64.exe
C:\Users\sytro\AppData\Local\Pushbullet\bin\pushbullet_client.exe
C:\Program Files (x86)\Stardock\ObjectDock\ObjectDockTray.exe
C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe
C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe
C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
C:\WINDOWS\sysWOW64\wbem\wmiprvse.exe
C:\Program Files (x86)\Roxio Creator NXT Pro 5\Roxio Burn\RoxioBurnLauncher.exe
C:\WINDOWS\system32\SettingSyncHost.exe
C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\RemindersServer.exe
C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
C:\WINDOWS\system32\taskhostw.exe
C:\WINDOWS\system32\dwm.exe
C:\WINDOWS\System32\svchost.exe -k WerSvcGroup
C:\WINDOWS\system32\wbem\wmiprvse.exe
C:\Windows\System32\smartscreen.exe
C:\WINDOWS\System32\cscript.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://www.w7dk.org/
uLocal Page = %11%\blank.htm
BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
BHO: Nuance PDF Conversion Toolbar Helper: {940361F8-7F16-4498-AB43-2EFFE0235AFA} - C:\Program Files (x86)\Nuance\Power PDF\bin\SZeonIEFavClient.dll
BHO: PlusIEEventHelper Class: {9D137966-2E29-45C5-9B12-29D5427F8F66} - C:\Program Files (x86)\Nuance\Power PDF\bin\PlusIEContextMenu.dll
BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll
BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL
BHO: PCMatic AdBlocker: {FFCB3198-32F3-4E8B-9539-4324694ED664} - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMaticAdBlocker.dll
TB: Nuance PDF Toolbar: {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\bin\SZeonIEFavClient.dll
uRun: [OneDrive] "C:\Users\sytro\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
uRun: [AudioBox VSL] C:\Program Files\PreSonus\AudioBox\AudioBox.exe -startup
uRun: [Amazon Music] "C:\Users\sytro\AppData\Local\Amazon Music\Amazon Music Helper.exe"
uRun: [HP Officejet Pro 8600 (NET)] "C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe" -deviceID "CN27OBR0RM05KD:NW" -scfn "HP Officejet Pro 8600 (NET)" -AutoStart 1
uRun: [HP Officejet Pro 8620 (NET)] "C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe" -deviceID "CN479C406M:NW" -scfn "HP Officejet Pro 8620 (NET)" -AutoStart 1
uRun: [Flvto YouTube Downloader] "C:\Users\sytro\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe" /minimize
uRun: [NETGEARGenie] "C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe" -mini -redirect
uRun: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
uRun: [Fences] "C:\program files (x86)\stardock\fences\Fences.exe" /startup
uRun: [Pushbullet] "C:\Program Files (x86)\Pushbullet\pushbullet.exe" -show false
mRun: [M-Audio Taskbar Icon] C:\WINDOWS\System32\MAFWDITray.exe
mRun: [Dropbox] "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
mRun: [ppbeuser] C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe
mRun: [Nuance PDF Converter Professional 8-reminder] "C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 8\Ereg\Ereg.ini"
mRun: [TWebCamera] "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun
mRun: [TRCMan] C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe
mRun: [PowerPDF Registry Controller] "C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe"
mRun: [NuanPowerPdf1NPDFLM] "C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe"
mRun: [Nuance Power PDF Advanced-reminder] "C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\Power PDF Advanced\Ereg\Ereg.ini"
mRun: [PowerPDFInboxMonitor] "C:\Program Files (x86)\Nuance\Power PDF\InboxMonitor.exe" /run
mRun: [ISUSPM] C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe -scheduler
mRun: [RoxWatchTray] "C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxWatchTray15.exe"
mRun: [RUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe"
mRun: [Info Center] C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
mRun: [PC Matic] C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe
StartupFolder: C:\Users\sytro\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\SIDEBA~2.LNK -
StartupFolder: C:\Users\sytro\AppData\Roaming\MICROS~1\Windows\STARTM~1\Programs\Startup\STARDO~1.LNK - C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\BLUETO~2.LNK - C:\Program Files (x86)\TOSHIBA\Bluetooth Monitor\BtMon2.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\DAXBET~1.LNK - C:\Program Files\FlexRadio Systems\SmartSDR\DAX\DAX.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\NUANCE~1.LNK - C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SECURE~1.LNK - C:\Program Files (x86)\PKWARE\PKZIPM\14.20.0015\PKTray.exe
StartupFolder: C:\PROGRA~3\MICROS~1\Windows\STARTM~1\Programs\StartUp\SMARTS~1.LNK - C:\Program Files\FlexRadio Systems\SmartSDR\SmartSDR CAT\Cat.exe
mPolicies-System: DSCAutomationHostEnabled = dword:2
mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
mPolicies-System: PromptOnSecureDesktop = dword:0
IE: E&xport to Microsoft Excel - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE/3000
IE: Open with Convert Assistant - C:\Program Files (x86)\Nuance\Power PDF\cnvres_eng.dll /100
IE: Se&nd to OneNote - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll/105
IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
DPF: {0E5F0222-96B9-11D3-8997-00104BD12D94} - hxxps://files.pcpitstop.com/cab/pcmatic.cab
TCP: NameServer = 74.50.204.4 74.50.204.5
TCP: Interfaces\{08e84e36-466d-440f-9ae9-390e70085e7a} : DHCPNameServer = 74.50.204.4 74.50.204.5
TCP: Interfaces\{2160b02a-c110-4a02-93cc-c6725668bfb7} : DHCPNameServer = 4.2.2.2 4.2.2.1
Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
Notify: MCPClient - C:\PROGRA~2\COMMON~1\Stardock\mcpstub.dll
SSODL: WebCheck - <orphaned>
SSODL: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~2\COMMON~1\Stardock\MCPCore.dll
SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL
LSA: Security Packages =  ""
CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
x64-BHO: Groove GFS Browser Helper: {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-BHO: Nuance PDF Conversion Toolbar Helper: {940361F8-7F16-4498-AB43-2EFFE0235AFA} - C:\Program Files (x86)\Nuance\Power PDF\bin\SZeonIEFavClient_x64.dll
x64-BHO: PlusIEEventHelper Class: {9D137966-2E29-45C5-9B12-29D5427F8F66} - C:\Program Files (x86)\Nuance\Power PDF\bin\PlusIEContextMenu_x64.dll
x64-BHO: Logitech SetPoint: {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll
x64-BHO: Office Document Cache Handler: {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL
x64-TB: Nuance PDF Toolbar: {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\bin\SZeonIEFavClient_x64.dll
x64-Run: [SynTPEnh] C:\Program Files (x86)\Synaptics\SynTP\SynTPEnh.exe
x64-Run: [Fences] "C:\Program Files (x86)\Stardock\Fences\Fences.exe" /startup
x64-Run: [TosSENotify] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
x64-Run: [HDMICtrlMan] C:\Program Files (x86)\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
x64-Run: [TosReelTimeMonitor] C:\Program Files (x86)\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
x64-Run: [ThpSrv] C:\WINDOWS\System32\thpsrv /logon
x64-Run: [Corel Update Helper] "c:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe" /t
x64-Run: [ShadowPlay] "C:\WINDOWS\System32\rundll32.exe" C:\WINDOWS\System32\nvspcap64.dll,ShadowPlayOnSystemStart
x64-Run: [EvtMgr6] C:\Program Files\Logitech\SetPointP\SetPoint.exe /launchGaming
x64-Run: [Logitech Download Assistant] C:\WINDOWS\System32\rundll32.exe C:\WINDOWS\System32\LogiLDA.dll,LogiFetch
x64-mPolicies-System: DSCAutomationHostEnabled = dword:2
x64-mPolicies-System: ConsentPromptBehaviorAdmin = dword:0
x64-mPolicies-System: PromptOnSecureDesktop = dword:0
x64-IE: {22CC3EBD-C286-43aa-B8E6-06B115F74162} - C:\Program Files (x86)\Hewlett-Packard\Smart Print\SmartPrintSetup.exe
x64-IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - C:\Program Files\Microsoft Office\Office14\ONBttnIE.dll
x64-IE: {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - {FFFDC614-B694-4AE6-AB38-5D6374584B52} - C:\Program Files\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
x64-Filter: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
x64-Handler: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Handler: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\WINDOWS\System32\tbauth.dll
x64-Notify: LBTWlgn - c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll
x64-SSODL: WebCheck - <orphaned>
x64-STS: FencesShlExt Class - {1984DD45-52CF-49cd-AB77-18F378FEA264} - C:\Program Files (x86)\Stardock\Fences\FencesMenu64.dll
x64-SEH: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL
x64-mASetup: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - /UserInstall
x64-mASetup: {89820200-ECBD-11cf-8B85-00AA005B4340} - U
x64-CLSID: {603D3801-BD81-11d0-A3A5-00C04FD706EC} - C:\WINDOWS\System32\windows.storage.dll
.
============= SERVICES / DRIVERS ===============
.
R0 EUBAKUP;EUBAKUP;C:\WINDOWS\System32\drivers\eubakup.sys [2016-9-11 60968]
R0 EUBKMON;EUBKMON;C:\WINDOWS\System32\drivers\EUBKMON.sys [2016-9-11 48168]
R0 intelpep;Intel® Power Engine Plug-in Driver;C:\WINDOWS\System32\drivers\intelpep.sys [2016-7-16 48152]
R0 iorate;iorate;C:\WINDOWS\System32\drivers\iorate.sys [2016-11-8 48992]
R0 O2MDGRDR;O2MDGRDR;C:\WINDOWS\System32\drivers\o2mdgx64.sys [2009-7-21 78976]
R0 PxHlpa64;PxHlpa64;C:\WINDOWS\System32\drivers\PxHlpa64.sys [2016-5-12 64984]
R0 Sahdad64;HDD Filter Driver;C:\WINDOWS\System32\drivers\Sahdad64.sys [2016-5-12 37032]
R0 Saibad64;Volume Filter Driver;C:\WINDOWS\System32\drivers\Saibad64.sys [2016-5-12 28840]
R0 Thpevm;TOSHIBA HDD Protection - Shock Sensor Driver;C:\WINDOWS\System32\drivers\Thpevm.sys [2016-5-10 27480]
R0 volume;Volume driver;C:\WINDOWS\System32\drivers\volume.sys [2016-7-16 16224]
R0 WindowsTrustedRT;Windows Trusted Execution Environment Class Extension;C:\WINDOWS\System32\drivers\WindowsTrustedRT.sys [2016-7-16 107032]
R0 WindowsTrustedRTProxy;Microsoft Windows Trusted Runtime Secure Service;C:\WINDOWS\System32\drivers\WindowsTrustedRTProxy.sys [2016-7-16 17944]
R0 Wof;Windows Overlay File System Filter Driver;C:\WINDOWS\System32\drivers\wof.sys [2016-8-23 199008]
R1 ahcache;Application Compatibility Cache;C:\WINDOWS\System32\drivers\ahcache.sys [2016-10-27 227328]
R1 EUDSKACS;EUDSKACS;C:\WINDOWS\System32\drivers\eudskacs.sys [2016-9-11 18472]
R1 EUFDDISK;EUFDDISK;C:\WINDOWS\System32\drivers\EuFdDisk.sys [2016-9-11 192552]
R1 FileCrypt;FileCrypt;C:\WINDOWS\System32\drivers\filecrypt.sys [2016-7-16 88576]
R1 GpuEnergyDrv;GPU Energy Driver;C:\WINDOWS\System32\drivers\gpuenergydrv.sys [2016-7-16 8192]
R1 SaibVdAd64;Virtual Disk Driver;C:\WINDOWS\System32\drivers\SaibVdAd64.sys [2016-5-12 36520]
R2 BOT4Service;BOT4Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [2016-8-23 46112]
R2 CDPSvc;Connected Devices Platform Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R2 CDPUserSvc_b3c8b;CDPUserSvc_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 clreg;Virtual Registry for Containers;C:\WINDOWS\System32\drivers\registry.sys [2016-7-16 70144]
R2 CoreMessagingRegistrar;CoreMessaging;C:\WINDOWS\System32\svchost.exe -k LocalServiceNoNetwork [2016-7-16 44496]
R2 DbxSvc;DbxSvc;C:\WINDOWS\System32\DbxSvc.exe [2016-12-21 42096]
R2 DiagTrack;Connected User Experiences and Telemetry;C:\WINDOWS\System32\svchost.exe -k utcsvc [2016-7-16 44496]
R2 EaseUS Agent;EaseUS Agent Service;C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [2016-9-11 39616]
R2 ftvspksrv;Virtual Serial Port Kit service;C:\WINDOWS\System32\ftvspksrv.exe [2016-10-12 473024]
R2 GladFileMonSvc;GladFileMonSvc;C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [2012-4-24 29552]
R2 IpOverUsbSvc;Windows Phone IP over USB Transport (IpOverUsbSvc);C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [2016-3-29 21184]
R2 L4301_Solar;Logitech Solar Keyboard Service;C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [2013-1-30 405744]
R2 NVDisplay.ContainerLocalSystem;NVIDIA Display Container LS;C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [2016-10-28 459832]
R2 OneSyncSvc_b3c8b;Sync Host_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R2 PCPitstop Realtime;PCPitstop Realtime;C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [2016-12-21 745280]
R2 PCPitstop Scheduling;PCPitstop Scheduling;C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [2016-12-21 198480]
R2 PSI_SVC_2_x64;Corel License Validation Service V2 x64, Powered by arvato;C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [2014-4-30 337776]
R2 regi;regi;C:\WINDOWS\System32\drivers\regi.sys [2007-4-16 14112]
R2 RoxioBurnLauncher;Roxio Burn Launcher;C:\Program Files (x86)\Roxio Creator NXT Pro 5\Roxio Burn\RoxioBurnLauncher.exe [2016-8-5 953888]
R2 ss_conn_service;SAMSUNG Mobile Connectivity Service;C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [2016-8-9 754784]
R2 Start10;Stardock Start10;C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [2015-2-3 219664]
R2 storqosflt;Storage QoS Filter Driver;C:\WINDOWS\System32\drivers\storqosflt.sys [2016-7-16 78336]
R2 TeamViewer;TeamViewer 12;C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2016-5-10 10216688]
R2 tiledatamodelsvc;Tile Data model server;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R2 UserManager;User Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R2 wcifs;Windows Container Isolation;C:\WINDOWS\System32\drivers\wcifs.sys [2016-9-30 119648]
R2 wcnfs;Windows Container Name Virtualization;C:\WINDOWS\System32\drivers\wcnfs.sys [2016-7-16 66560]
R2 WpnService;Windows Push Notifications System Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 FlexRadioSystemDAXService_Audio;@oem55.inf,%DeviceName% (WDM);FlexRadio Systems DAX Audio (WDM);C:\WINDOWS\System32\drivers\audiodax.sys [2016-7-21 68360]
R3 FlexRadioSystemDAXService_IQ;@oem101.inf,%DeviceName% (WDM);FlexRadio Systems DAX IQ (WDM);C:\WINDOWS\System32\drivers\iqdax.sys [2016-7-21 68488]
R3 FlexRadioSystemDAXService_MICAudio;@oem96.inf,%DeviceName% (WDM);FlexRadio Systems DAX MIC Audio (WDM);C:\WINDOWS\System32\drivers\micaudiodax.sys [2016-7-21 68360]
R3 FlexRadioSystemDAXService_TX;@oem49.inf,%DeviceName% (WDM);FlexRadio Systems DAX TX (WDM);C:\WINDOWS\System32\drivers\txdax.sys [2016-7-21 68488]
R3 ftvspenum;ftvspenum;C:\WINDOWS\System32\drivers\ftvspenum.sys [2015-12-3 83352]
R3 ftvsport;FabulaTech Virtual Serial Port Driver;C:\WINDOWS\System32\drivers\ftvsport.sys [2016-10-12 65432]
R3 L1C;NDIS Miniport Driver for Qualcomm Atheros AR81xx PCI-E Ethernet Controller;C:\WINDOWS\System32\drivers\L1C63x64.sys [2016-7-16 121344]
R3 LEqdUsb;Logitech SetPoint Unifying KMDF USB Filter;C:\WINDOWS\System32\drivers\LEqdUsb.sys [2015-6-17 87696]
R3 lfsvc;Geolocation Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
R3 LHidEqd;Logitech SetPoint Unifying KMDF HID Filter;C:\WINDOWS\System32\drivers\LHidEqd.sys [2015-6-17 23184]
R3 LicenseManager;Windows License Manager Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
R3 NcbService;Network Connection Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
R3 NdisVirtualBus;Microsoft Virtual Network Adapter Enumerator;C:\WINDOWS\System32\drivers\NdisVirtualBus.sys [2016-7-16 20480]
R3 NvContainerLocalSystem;NVIDIA LocalSystem Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-28 462784]
R3 nvvad_WaveExtensible;NVIDIA Virtual Audio Device (Wave Extensible) (WDM);C:\WINDOWS\System32\drivers\nvvad64v.sys [2016-7-14 46016]
R3 O2SDGx64;O2SDGx64;C:\WINDOWS\System32\drivers\o2sdgx64.sys [2012-9-6 56576]
R3 PGEffect;Pangu effect driver;C:\WINDOWS\System32\drivers\PGEffect.sys [2016-5-16 35008]
R3 PimIndexMaintenanceSvc_b3c8b;Contact Data_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 QIOMem;Generic IO & Memory Access;C:\WINDOWS\System32\drivers\QIOMem.sys [2016-5-10 22736]
R3 rtl8192se;Realtek Wireless LAN 802.11n PCI-E NIC NT Driver;C:\WINDOWS\System32\drivers\rtl8192se.sys [2016-7-16 1222656]
R3 StateRepository;State Repository Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
R3 teamviewervpn;TeamViewer VPN Adapter;C:\WINDOWS\System32\drivers\teamviewervpn.sys [2016-5-10 35112]
R3 TimeBrokerSvc;Time Broker;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
R3 TOSHIBA HDD SSD Alert Service;TOSHIBA HDD SSD Alert Service;C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe [2010-2-5 137560]
R3 UnistoreSvc_b3c8b;User Data Storage_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 UserDataSvc_b3c8b;User Data Access_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
R3 WirelessKeyboardFilter;Wireless Keyboard Filter Device Service;C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [2016-7-22 49896]
R3 WSDScan;WSD Scan Support;C:\WINDOWS\System32\drivers\WSDScan.sys [2016-7-16 24576]
R3 WUDFWpdMtp;WUDFWpdMtp;C:\WINDOWS\System32\drivers\WUDFRd.sys [2016-7-16 216064]
S2 dbupdate;Dropbox Update Service (dbupdate);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-5-10 143144]
S2 DoSvc;Delivery Optimization;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S2 MapsBroker;Downloaded Maps Manager;C:\WINDOWS\System32\svchost.exe -k NetworkService [2016-7-16 44496]
S2 RoxWatch15;Roxio Hard Drive Watcher 15;C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxWatch15.exe [2016-8-26 350240]
S2 SkypeUpdate;Skype Updater;C:\Program Files (x86)\Skype\Updater\Updater.exe [2016-9-20 324224]
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269;Roxio SAIB Service;C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [2016-1-12 495816]
S3 AcpiDev;ACPI Devices driver;C:\WINDOWS\System32\drivers\AcpiDev.sys [2016-7-16 18432]
S3 ADP80XX;ADP80XX;C:\WINDOWS\System32\drivers\adp80xx.sys [2016-7-16 1135456]
S3 AJRouter;AllJoyn Router Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 applockerfltr;Smartlocker Filter Driver;C:\WINDOWS\System32\drivers\applockerfltr.sys [2016-7-16 15360]
S3 AppReadiness;App Readiness;C:\WINDOWS\System32\svchost.exe -k AppReadiness [2016-7-16 44496]
S3 AppvStrm;AppvStrm;C:\WINDOWS\System32\drivers\AppVStrm.sys [2016-9-30 127328]
S3 AppvVemgr;AppvVemgr;C:\WINDOWS\System32\drivers\AppvVemgr.sys [2016-7-16 157024]
S3 AppvVfs;AppvVfs;C:\WINDOWS\System32\drivers\AppvVfs.sys [2016-7-16 141152]
S3 AppXSvc;AppX Deployment Service (AppXSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 bcmfn;bcmfn Service;C:\WINDOWS\System32\drivers\bcmfn.sys [2016-7-16 9728]
S3 bcmfn2;bcmfn2 Service;C:\WINDOWS\System32\drivers\bcmfn2.sys [2016-7-16 9728]
S3 BthHFSrv;Bluetooth Handsfree Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceAndNoImpersonation [2016-7-16 44496]
S3 buttonconverter;Service for Portable Device Control devices;C:\WINDOWS\System32\drivers\buttonconverter.sys [2016-7-16 38912]
S3 CapImg;HID driver for CapImg touch screen;C:\WINDOWS\System32\drivers\capimg.sys [2016-10-27 118272]
S3 cht4iscsi;cht4iscsi;C:\WINDOWS\System32\drivers\cht4sx64.sys [2016-7-16 346976]
S3 cht4vbd;Chelsio Virtual Bus Driver;C:\WINDOWS\System32\drivers\cht4vx64.sys [2016-7-16 2104160]
S3 ClipSVC;Client License Service (ClipSVC);C:\WINDOWS\System32\svchost.exe -k wsappx [2016-7-16 44496]
S3 dbupdatem;Dropbox Update Service (dbupdatem);C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-5-10 143144]
S3 DcpSvc;DataCollectionPublishingService;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DeskScapes8;Stardock DeskScapes 8;C:\Program Files (x86)\Stardock\DeskScapes8\DS8Srv.exe [2014-3-10 75376]
S3 DevQueryBroker;DevQuery Background Discovery Broker;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudbus.sys [2016-8-9 130688]
S3 diagnosticshub.standardcollector.service;Microsoft ® Diagnostics Hub Standard Collector Service;C:\WINDOWS\System32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe [2016-7-16 93184]
S3 DmEnrollmentSvc;Device Management Enrollment Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 dmwappushservice;dmwappushsvc;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 DsSvc;Data Sharing Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 embeddedmode;Embedded Mode;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 EntAppSvc;Enterprise App Management Service;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 FrameServer;Windows Camera Frame Server;C:\WINDOWS\System32\svchost.exe -k Camera [2016-7-16 44496]
S3 genericusbfn;Generic USB Function Class;C:\WINDOWS\System32\drivers\genericusbfn.sys [2016-7-16 20480]
S3 Ham Radio Deluxe Remote Server;The Ham Radio Deluxe remote server;C:\Program Files (x86)\HRD Software LLC\Ham Radio Deluxe\HRDRemoteSvr.exe [2016-9-4 797696]
S3 HDRExpress3Service;HDRExpress3Service;C:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe [2014-10-23 32784]
S3 hidinterrupt;Common Driver for HID Buttons implemented with interrupts;C:\WINDOWS\System32\drivers\hidinterrupt.sys [2016-7-16 50016]
S3 HRD RemoteSvr;HRD RemoteSvr;C:\Program Files (x86)\HRD Software LLC\Ham Radio Deluxe\HRDRemoteSvr.exe [2016-9-4 797696]
S3 HRD Serial Port Server;HRD Serial Port Server;C:\Program Files (x86)\HRD Software LLC\Ham Radio Deluxe\HRDSerialPortSvr.exe [2011-9-24 503885]
S3 HvHost;HV Host Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 iagpio;Intel Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iagpio.sys [2016-7-16 33280]
S3 iai2c;Intel® Serial IO I2C Host Controller;C:\WINDOWS\System32\drivers\iai2c.sys [2016-7-16 81408]
S3 iaLPSS2i_GPIO2;Intel® Serial IO GPIO Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys [2016-7-16 64512]
S3 iaLPSS2i_I2C;Intel® Serial IO I2C Driver v2;C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys [2016-7-16 176384]
S3 iaLPSSi_GPIO;Intel® Serial IO GPIO Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys [2016-7-16 38128]
S3 iaLPSSi_I2C;Intel® Serial IO I2C Controller Driver;C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys [2016-7-16 113152]
S3 iaStorAV;Intel® SATA RAID Controller Windows;C:\WINDOWS\System32\drivers\iaStorAV.sys [2016-7-16 673120]
S3 ibbus;Mellanox InfiniBand Bus/AL (Filter Driver);C:\WINDOWS\System32\drivers\ibbus.sys [2016-7-16 526176]
S3 icssvc;Windows Mobile Hotspot Service;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 IndirectKmd;Indirect Displays Kernel-Mode Driver;C:\WINDOWS\System32\drivers\IndirectKmd.sys [2016-7-16 35840]
S3 Launch8;Stardock Launch;C:\Program Files (x86)\Stardock\Launch8\Launch8Srv.exe [2015-8-24 274088]
S3 LSI_SAS2i;LSI_SAS2i;C:\WINDOWS\System32\drivers\lsi_sas2i.sys [2016-7-16 105824]
S3 LSI_SAS3i;LSI_SAS3i;C:\WINDOWS\System32\drivers\lsi_sas3i.sys [2016-7-16 101216]
S3 MAFWPROFIRE;Service for M-Audio ProFire;C:\WINDOWS\System32\drivers\MAudioProFire.sys [2013-6-3 288976]
S3 megasas2i;megasas2i;C:\WINDOWS\System32\drivers\MegaSas2i.sys [2016-10-11 64352]
S3 MessagingService_b3c8b;MessagingService_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 mlx4_bus;Mellanox ConnectX Bus Enumerator;C:\WINDOWS\System32\drivers\mlx4_bus.sys [2016-7-16 842584]
S3 MsSecFlt;Microsoft Security Events Component Minifilter;C:\WINDOWS\System32\drivers\mssecflt.sys [2016-7-16 179040]
S3 Multiplicity;Multiplicity Service;C:\Program Files (x86)\EdgeRunner\Multiplicity\MultiSrv.exe [2015-8-21 209216]
S3 ndfltr;NetworkDirect Service;C:\WINDOWS\System32\drivers\ndfltr.sys [2016-7-16 108896]
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library;C:\WINDOWS\System32\drivers\NetAdapterCx.sys [2016-7-16 90624]
S3 NETGEARGenieDaemon;NETGEARGenieDaemon;C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [2016-3-9 232192]
S3 NetSetupSvc;Network Setup Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 NgcCtnrSvc;Microsoft Passport Container;C:\WINDOWS\System32\svchost.exe -k LocalServiceNetworkRestricted [2016-7-16 44496]
S3 NgcSvc;Microsoft Passport;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 NPDFIFilterSrv;NPDFIFilterSrv;C:\Program Files (x86)\Nuance\Power PDF\NPDFIFilterSrv.exe [2016-6-15 218128]
S3 NvContainerNetworkService;NVIDIA NetworkService Container;C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2016-10-28 462784]
S3 NVIDIA Wireless Controller Service;NVIDIA Wireless Controller Service;C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [2016-10-28 1163712]
S3 NvStreamKms;NVIDIA KMS;C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [2016-12-15 27584]
S3 NvTelemetryContainer;NVIDIA Telemetry Container;C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [2016-12-15 425408]
S3 ose64;Office 64 Source Engine;C:\Program Files\Common Files\microsoft shared\Source Engine\OSE.EXE [2010-1-9 174440]
S3 percsas2i;percsas2i;C:\WINDOWS\System32\drivers\percsas2i.sys [2016-7-16 58720]
S3 percsas3i;percsas3i;C:\WINDOWS\System32\drivers\percsas3i.sys [2016-7-16 61792]
S3 PhoneSvc;Phone Service;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 ppbed;PowerPanel Business Edition Service;C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbed.exe [2016-5-11 184320]
S3 ReFSv1;ReFSv1;C:\WINDOWS\System32\drivers\refsv1.sys [2016-7-16 928608]
S3 RetailDemo;Retail Demo Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 RoxMediaDB15;RoxMediaDB15;C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxMediaDB15.exe [2016-8-26 1105952]
S3 ScDeviceEnum;Smart Card Device Enumeration Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 scmbus;Microsoft Storage Class Memory Bus Driver;C:\WINDOWS\System32\drivers\scmbus.sys [2016-7-16 88416]
S3 scmdisk0101;Microsoft NVDIMM-N disk driver;C:\WINDOWS\System32\drivers\scmdisk0101.sys [2016-7-16 123904]
S3 Sense;Windows Defender Advanced Threat Protection Service;C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2016-9-30 2889896]
S3 SensorDataService;Sensor Data Service;C:\WINDOWS\System32\SensorDataService.exe [2016-9-15 1312768]
S3 SensorService;Sensor Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 SerCx2;Serial UART Support Library;C:\WINDOWS\System32\drivers\SerCx2.sys [2016-7-16 151904]
S3 ShadowFX;Stardock ShadowFX;C:\Program Files (x86)\Stardock\ShadowFX\ShadowFXSrv.exe [2014-8-22 260232]
S3 smphost;Microsoft Storage Spaces SMP;C:\WINDOWS\System32\svchost.exe -k smphost [2016-7-16 44496]
S3 SmsRouter;Microsoft Windows SMS Router Service.;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 ssudmdm;SAMSUNG  Mobile USB Modem Drivers (DEVGURU Ver.);C:\WINDOWS\System32\drivers\ssudmdm.sys [2016-8-9 164992]
S3 stornvme;Microsoft Standard NVM Express Driver;C:\WINDOWS\System32\drivers\stornvme.sys [2016-9-30 81760]
S3 storufs;Microsoft Universal Flash Storage (UFS) Driver;C:\WINDOWS\System32\drivers\storufs.sys [2016-7-16 32096]
S3 Te.Service;Te.Service;C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [2016-3-28 137216]
S3 TeamFoundationSshService;Team Foundation Ssh Service;C:\Program Files\Microsoft Team Foundation Server 14.0\Application Tier\Web Services\bin\TeamFoundationSshService.exe [2016-6-23 37096]
S3 TFSJobAgent;Visual Studio Team Foundation Background Job Agent;C:\Program Files\Microsoft Team Foundation Server 14.0\Application Tier\TFSJobAgent\TfsJobAgent.exe [2016-6-23 36528]
S3 TieringEngineService;Storage Tiers Management;C:\WINDOWS\System32\TieringEngineService.exe [2016-7-16 287744]
S3 tzautoupdate;Auto Time Zone Updater;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 UcmCx0101;USB Connector Manager KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmCx.sys [2016-7-16 95744]
S3 UcmTcpciCx0101;UCM-TCPCI KMDF Class Extension;C:\WINDOWS\System32\drivers\UcmTcpciCx.sys [2016-7-16 108544]
S3 UcmUcsi;USB Connector Manager UCSI Client;C:\WINDOWS\System32\drivers\UcmUcsi.sys [2016-7-16 50688]
S3 UdeCx;USB Device Emulation Support Library;C:\WINDOWS\System32\drivers\Udecx.sys [2016-7-16 45568]
S3 UEFI;Microsoft UEFI Driver;C:\WINDOWS\System32\drivers\uefi.sys [2016-7-16 28512]
S3 Ufx01000;USB Function Class Extension;C:\WINDOWS\System32\drivers\ufx01000.sys [2016-7-16 263008]
S3 UfxChipidea;USB Chipidea Controller;C:\WINDOWS\System32\drivers\UfxChipidea.sys [2016-7-16 96608]
S3 ufxsynopsys;USB Synopsys Controller;C:\WINDOWS\System32\drivers\ufxsynopsys.sys [2016-7-16 137056]
S3 UrsChipidea;Chipidea USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urschipidea.sys [2016-7-16 28512]
S3 UrsCx01000;USB Role-Switch Support Library;C:\WINDOWS\System32\drivers\urscx01000.sys [2016-7-16 57696]
S3 UrsSynopsys;Synopsys USB Role-Switch Driver;C:\WINDOWS\System32\drivers\urssynopsys.sys [2016-7-16 27488]
S3 UsoSvc;Update Orchestrator Service for Windows Update;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 vhf;Virtual HID Framework (VHF) Driver;C:\WINDOWS\System32\drivers\vhf.sys [2016-7-16 32256]
S3 vmgid;Microsoft Hyper-V Guest Infrastructure Driver;C:\WINDOWS\System32\drivers\vmgid.sys [2016-7-16 10240]
S3 vmicguestinterface;Hyper-V Guest Service Interface;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vmicvmsession;Hyper-V PowerShell Direct Service;C:\WINDOWS\System32\svchost.exe -k LocalSystemNetworkRestricted [2016-7-16 44496]
S3 vsoagent.MortyQosmio.Agent-MortyQosmio;VSO Agent (MortyQosmio.Agent-MortyQosmio);"F:\TfsData\Agents\Agent-MortyQosmio\agent\vsoAgentService.exe" "vsoagent.MortyQosmio.Agent-MortyQosmio" --> F:\TfsData\Agents\Agent-MortyQosmio\agent\vsoAgentService.exe [?]
S3 VSStandardCollectorService140;Visual Studio Standard Collector Service;C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [2016-6-20 108776]
S3 w3logsvc;W3C Logging Service;C:\WINDOWS\System32\svchost.exe -k apphost [2016-7-16 44496]
S3 WalletService;WalletService;C:\WINDOWS\System32\svchost.exe -k appmodel [2016-7-16 44496]
S3 wdiwifi;WDI Driver Framework;C:\WINDOWS\System32\drivers\WdiWiFi.sys [2016-9-30 719360]
S3 WdNisDrv;Windows Defender Network Inspection System Driver;C:\WINDOWS\System32\drivers\WdNisDrv.sys [2016-7-16 123232]
S3 WdNisSvc;Windows Defender Network Inspection Service;C:\Program Files\Windows Defender\NisSrv.exe [2016-7-16 347328]
S3 WEPHOSTSVC;Windows Encryption Provider Host Service;C:\WINDOWS\System32\svchost.exe -k WepHostSvcGroup [2016-7-16 44496]
S3 WindowFX;Stardock WindowFX;C:\Program Files (x86)\Stardock\WindowFX\WindowFXSRV.exe [2014-6-12 181904]
S3 WinMad;WinMad Service;C:\WINDOWS\System32\drivers\winmad.sys [2016-7-16 32096]
S3 WinVerbs;WinVerbs Service;C:\WINDOWS\System32\drivers\winverbs.sys [2016-7-16 64864]
S3 wisvc;Windows Insider Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 WMSVC;Web Management Service;C:\WINDOWS\System32\inetsrv\WMSvc.exe [2016-7-16 12288]
S3 workfolderssvc;Work Folders;C:\WINDOWS\System32\svchost.exe -k LocalService [2016-7-16 44496]
S3 WpnUserService_b3c8b;Windows Push Notifications User Service_b3c8b;C:\WINDOWS\System32\svchost.exe -k UnistackSvcGroup [2016-7-16 44496]
S3 XblAuthManager;Xbox Live Auth Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 XblGameSave;Xbox Live Game Save;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xboxgip;Xbox Game Input Protocol Driver;C:\WINDOWS\System32\drivers\xboxgip.sys [2016-12-9 258560]
S3 XboxNetApiSvc;Xbox Live Networking Service;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S3 xinputhid;XINPUT HID Filter Driver;C:\WINDOWS\System32\drivers\xinputhid.sys [2016-9-1 43520]
S4 AppVClient;Microsoft App-V Client;C:\WINDOWS\System32\AppVClient.exe [2016-9-30 823136]
S4 RsFx0312;RsFx0312 Driver;C:\WINDOWS\System32\drivers\RsFx0312.sys [2016-10-6 249536]
S4 shpamsvc;Shared PC Account Manager;C:\WINDOWS\System32\svchost.exe -k netsvcs [2016-7-16 44496]
S4 SQLAgent$SQLEXPRESS;SQL Server Agent (SQLEXPRESS);C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [2016-10-6 613056]
S4 UevAgentDriver;UevAgentDriver;C:\WINDOWS\System32\drivers\UevAgentDriver.sys [2016-7-16 40288]
S4 UevAgentService;User Experience Virtualization Service;C:\WINDOWS\System32\AgentService.exe [2016-7-16 1227264]
.
=============== File Associations ===============
.
FileExt: .txt: txtfile=C:\WINDOWS\System32\NOTEPAD.EXE %1 [UserChoice]
.
=============== Created Last 30 ================
.
2016-12-27 17:29:31 11781064 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{8D30DD08-B287-4755-ACF8-F189C3A045F6}\mpengine.dll
2016-12-24 22:59:45 11781064 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2016-12-21 23:24:32 -------- d-----w- C:\ProgramData\PCPitstopDat
2016-12-21 23:21:30 -------- d-----w- C:\ProgramData\PCPitstop
2016-12-21 23:21:28 -------- d-----w- C:\Program Files (x86)\PCPitstop
2016-12-21 18:15:36 75888 ----a-w- C:\WINDOWS\System32\drivers\dbx-stable.sys
2016-12-21 18:15:36 75888 ----a-w- C:\WINDOWS\System32\drivers\dbx-dev.sys
2016-12-21 18:15:36 75888 ----a-w- C:\WINDOWS\System32\drivers\dbx-canary.sys
2016-12-21 18:15:36 42096 ----a-w- C:\WINDOWS\System32\DbxSvc.exe
2016-12-15 21:30:37 269600 ----a-w- C:\WINDOWS\SysWow64\vulkan-1.dll
2016-12-15 21:30:37 261920 ----a-w- C:\WINDOWS\System32\vulkan-1.dll
2016-12-15 21:30:37 125216 ----a-w- C:\WINDOWS\System32\vulkaninfo.exe
2016-12-15 21:30:37 110880 ----a-w- C:\WINDOWS\SysWow64\vulkaninfo.exe
2016-12-15 21:30:35 -------- d-----w- C:\Program Files (x86)\VulkanRT
2016-12-15 17:16:55 -------- d-----w- C:\Users\sytro\AppData\Local\Chromium
2016-12-15 17:16:20 1951 ----a-w- C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-15 17:15:34 156096 ----a-w- C:\WINDOWS\System32\nvaudcap64v.dll
2016-12-15 17:15:34 123840 ----a-w- C:\WINDOWS\SysWow64\nvaudcap32v.dll
2016-12-12 03:15:47 -------- d-----w- C:\Users\sytro\AppData\Local\FileZilla
2016-12-09 19:45:15 -------- d-----w- C:\Users\sytro\AppData\Roaming\NVIDIA
2016-12-09 16:29:59 381952 ----a-w- C:\WINDOWS\System32\cryptngc.dll
2016-12-09 16:28:59 936448 ----a-w- C:\WINDOWS\System32\NMAA.dll
2016-12-08 15:42:34 1167568 ----a-w- C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{902E70DC-620D-4A4D-A44A-12F488F10879}\gapaengine.dll
2016-12-07 22:00:58 -------- d-----w- C:\ProgramData\FlexRadio Systems
.
==================== Find3M  ====================
.
2016-12-12 23:37:06 1853376 ----a-w- C:\WINDOWS\System32\nvspcap64.dll
2016-12-12 23:37:05 1452480 ----a-w- C:\WINDOWS\SysWow64\nvspcap.dll
2016-12-12 23:37:03 1755072 ----a-w- C:\WINDOWS\System32\nvspbridge64.dll
2016-12-12 23:37:02 1317312 ----a-w- C:\WINDOWS\SysWow64\nvspbridge.dll
2016-12-12 23:37:01 120256 ----a-w- C:\WINDOWS\System32\NvRtmpStreamer64.dll
2016-12-12 23:36:34 46016 ----a-w- C:\WINDOWS\System32\drivers\nvvad64v.sys
2016-12-11 23:56:25 835576 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
2016-12-11 23:56:25 177656 ----a-w- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
2016-12-11 18:47:50 1951 ----a-w- C:\WINDOWS\NvContainerRecovery.bat
2016-12-11 18:47:44 6384576 ----a-w- C:\WINDOWS\System32\nvcpl.dll
2016-12-11 18:47:44 2475968 ----a-w- C:\WINDOWS\System32\nvsvc64.dll
2016-12-11 18:47:42 81856 ----a-w- C:\WINDOWS\System32\nv3dappshextr.dll
2016-12-11 18:47:42 71224 ----a-w- C:\WINDOWS\System32\nvshext.dll
2016-12-11 18:47:42 548408 ----a-w- C:\WINDOWS\System32\nv3dappshext.dll
2016-12-11 18:47:42 392128 ----a-w- C:\WINDOWS\System32\nvmctray.dll
2016-12-11 18:47:42 1764408 ----a-w- C:\WINDOWS\System32\nvsvcr.dll
2016-12-09 15:54:34 180224 ----a-w- C:\WINDOWS\System32\enrollmentapi.dll
2016-12-09 10:42:15 1637728 ----a-w- C:\WINDOWS\System32\appraiser.dll
2016-12-09 10:42:14 137568 ----a-w- C:\WINDOWS\System32\acmigration.dll
2016-12-09 10:34:34 894096 ----a-w- C:\WINDOWS\System32\winresume.exe
2016-12-09 10:34:34 1051112 ----a-w- C:\WINDOWS\System32\winresume.efi
2016-12-09 10:33:26 1354320 ----a-w- C:\WINDOWS\System32\winload.efi
2016-12-09 10:33:26 1173496 ----a-w- C:\WINDOWS\System32\winload.exe
2016-12-09 10:32:11 7816032 ----a-w- C:\WINDOWS\System32\ntoskrnl.exe
2016-12-09 10:30:39 377184 ----a-w- C:\WINDOWS\System32\drivers\clfs.sys
2016-12-09 10:29:23 2681200 ----a-w- C:\WINDOWS\System32\CoreUIComponents.dll
2016-12-09 10:28:24 764392 ----a-w- C:\WINDOWS\System32\CoreMessaging.dll
2016-12-09 10:27:38 172528 ----a-w- C:\WINDOWS\System32\sspicli.dll
2016-12-09 10:20:21 2677544 ----a-w- C:\WINDOWS\System32\d3d10warp.dll
2016-12-09 10:20:20 2189664 ----a-w- C:\WINDOWS\System32\drivers\dxgkrnl.sys
2016-12-09 10:20:16 658784 ----a-w- C:\WINDOWS\System32\drivers\dxgmms2.sys
2016-12-09 10:20:13 402272 ----a-w- C:\WINDOWS\System32\drivers\dxgmms1.sys
2016-12-09 10:20:12 1738560 ----a-w- C:\WINDOWS\System32\WindowsCodecs.dll
2016-12-09 10:19:35 1293152 ----a-w- C:\WINDOWS\System32\LicenseManager.dll
2016-12-09 10:19:21 168424 ----a-w- C:\WINDOWS\System32\bcrypt.dll
2016-12-09 10:18:47 624048 ----a-w- C:\WINDOWS\System32\drivers\cng.sys
2016-12-09 10:18:21 2913144 ----a-w- C:\WINDOWS\System32\combase.dll
2016-12-09 10:18:16 1100128 ----a-w- C:\WINDOWS\System32\hvix64.exe
2016-12-09 10:18:15 1267512 ----a-w- C:\WINDOWS\System32\WinTypes.dll
2016-12-09 10:18:14 811872 ----a-w- C:\WINDOWS\System32\hvloader.exe
2016-12-09 10:18:12 947552 ----a-w- C:\WINDOWS\System32\hvloader.efi
2016-12-09 10:18:09 989024 ----a-w- C:\WINDOWS\System32\hvax64.exe
2016-12-09 10:15:26 8168000 ----a-w- C:\WINDOWS\System32\Windows.Media.Protection.PlayReady.dll
2016-12-09 10:15:18 1988560 ----a-w- C:\WINDOWS\System32\mfmp4srcsnk.dll
2016-12-09 10:14:50 1274712 ----a-w- C:\WINDOWS\System32\ole32.dll
2016-12-09 10:14:33 241504 ----a-w- C:\WINDOWS\System32\CloudExperienceHost.dll
2016-12-09 10:11:15 2048496 ----a-w- C:\WINDOWS\SysWow64\CoreUIComponents.dll
2016-12-09 10:10:58 1461200 ----a-w- C:\WINDOWS\System32\user32.dll
2016-12-09 10:10:40 1572768 ----a-w- C:\WINDOWS\System32\gdi32full.dll
2016-12-09 10:09:27 455520 ----a-w- C:\WINDOWS\System32\securekernel.exe
2016-12-09 10:01:59 2323728 ----a-w- C:\WINDOWS\SysWow64\d3d10warp.dll
2016-12-09 10:01:43 1503544 ----a-w- C:\WINDOWS\SysWow64\WindowsCodecs.dll
2016-12-09 10:01:08 861024 ----a-w- C:\WINDOWS\SysWow64\LicenseManager.dll
2016-12-09 10:00:58 106896 ----a-w- C:\WINDOWS\SysWow64\bcrypt.dll
2016-12-09 09:59:25 846560 ----a-w- C:\WINDOWS\SysWow64\WinTypes.dll
2016-12-09 09:59:24 2166752 ----a-w- C:\WINDOWS\SysWow64\combase.dll
2016-12-09 09:57:01 1852720 ----a-w- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
2016-12-09 09:57:00 6668040 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.Protection.PlayReady.dll
2016-12-09 09:56:15 959112 ----a-w- C:\WINDOWS\SysWow64\ole32.dll
2016-12-09 09:52:21 1435896 ----a-w- C:\WINDOWS\SysWow64\user32.dll
2016-12-09 09:52:21 1415752 ----a-w- C:\WINDOWS\SysWow64\gdi32full.dll
2016-12-09 09:51:08 117240 ----a-w- C:\WINDOWS\SysWow64\sspicli.dll
2016-12-09 09:47:29 22563328 ----a-w- C:\WINDOWS\System32\edgehtml.dll
2016-12-09 09:45:47 40448 ----a-w- C:\WINDOWS\System32\WordBreakers.dll
2016-12-09 09:45:43 206848 ----a-w- C:\WINDOWS\System32\win32k.sys
2016-12-09 09:45:13 82432 ----a-w- C:\WINDOWS\System32\VSD3DWARP12Debug.dll
2016-12-09 09:42:29 227328 ----a-w- C:\WINDOWS\System32\cdd.dll
2016-12-09 09:42:03 61952 ----a-w- C:\WINDOWS\System32\VSD3DWARPDebug.dll
2016-12-09 09:41:22 380928 ----a-w- C:\WINDOWS\System32\wincorlib.dll
2016-12-09 09:41:06 32768 ----a-w- C:\WINDOWS\SysWow64\WordBreakers.dll
2016-12-09 09:40:38 147968 ----a-w- C:\WINDOWS\SysWow64\win32k.sys
2016-12-09 09:40:07 64000 ----a-w- C:\WINDOWS\SysWow64\VSD3DWARP12Debug.dll
2016-12-09 09:38:39 324608 ----a-w- C:\WINDOWS\System32\Windows.ApplicationModel.LockScreen.dll
2016-12-09 09:37:29 261632 ----a-w- C:\WINDOWS\System32\indexeddbserver.dll
2016-12-09 09:37:10 411136 ----a-w- C:\WINDOWS\System32\facecredentialprovider.dll
2016-12-09 09:37:04 60928 ----a-w- C:\WINDOWS\SysWow64\VSD3DWARPDebug.dll
2016-12-09 09:37:01 49152 ----a-w- C:\WINDOWS\System32\Windows.UI.Shell.dll
2016-12-09 09:36:56 425984 ----a-w- C:\WINDOWS\System32\aadcloudap.dll
2016-12-09 09:36:32 410112 ----a-w- C:\WINDOWS\System32\AppXDeploymentClient.dll
2016-12-09 09:36:09 3059200 ----a-w- C:\WINDOWS\System32\msi.dll
2016-12-09 09:36:05 231936 ----a-w- C:\WINDOWS\SysWow64\Windows.ApplicationModel.LockScreen.dll
2016-12-09 09:36:02 6285312 ----a-w- C:\WINDOWS\System32\Windows.Media.dll
2016-12-09 09:34:52 822784 ----a-w- C:\WINDOWS\SysWow64\Chakradiag.dll
2016-12-09 09:34:31 288768 ----a-w- C:\WINDOWS\SysWow64\wincorlib.dll
2016-12-09 09:33:42 3777536 ----a-w- C:\WINDOWS\System32\MFMediaEngine.dll
2016-12-09 09:33:37 1589760 ----a-w- C:\WINDOWS\System32\msdtctm.dll
2016-12-09 09:32:18 635904 ----a-w- C:\WINDOWS\SysWow64\jscript9diag.dll
2016-12-09 09:31:22 3689984 ----a-w- C:\WINDOWS\SysWow64\msi.dll
2016-12-09 09:31:20 198656 ----a-w- C:\WINDOWS\SysWow64\indexeddbserver.dll
2016-12-09 09:31:11 313856 ----a-w- C:\WINDOWS\SysWow64\AppXDeploymentClient.dll
2016-12-09 09:30:32 19413504 ----a-w- C:\WINDOWS\SysWow64\edgehtml.dll
2016-12-09 09:30:31 4612608 ----a-w- C:\WINDOWS\SysWow64\Windows.Media.dll
2016-12-09 09:29:51 4749312 ----a-w- C:\WINDOWS\System32\SettingsHandlers_nt.dll
2016-12-09 09:28:55 1004544 ----a-w- C:\WINDOWS\System32\enterprisecsps.dll
2016-12-09 09:28:12 3306496 ----a-w- C:\WINDOWS\SysWow64\MFMediaEngine.dll
2016-12-09 09:27:55 5114368 ----a-w- C:\WINDOWS\System32\cdp.dll
2016-12-09 09:27:36 981504 ----a-w- C:\WINDOWS\System32\Windows.Security.Authentication.OnlineId.dll
2016-12-09 09:26:32 8129536 ----a-w- C:\WINDOWS\System32\Chakra.dll
2016-12-09 09:26:01 1692672 ----a-w- C:\WINDOWS\System32\AppXDeploymentExtensions.onecore.dll
2016-12-09 09:25:28 376832 ----a-w- C:\WINDOWS\System32\CryptoWinRT.dll
.
============= FINISH: 10:20:38.37 ===============

 

Here are the results of the Attach.txt file:

 

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2012-11-20.01)
.
Microsoft Windows 10 Pro
Boot Device: \Device\HarddiskVolume1
Install Date: 2016-08-08 18:40:11
System Uptime: 2016-12-27 09:35:12 (1 hours ago)
.
Motherboard: TOSHIBA |  | Qosmio X505
Processor: Intel® Core™ i7 CPU       Q 740  @ 1.73GHz | CPU 1 | 1734/133mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 465 GiB total, 281.685 GiB free.
D: is FIXED (NTFS) - 932 GiB total, 684.588 GiB free.
F: is FIXED (NTFS) - 931 GiB total, 928.208 GiB free.
G: is CDROM ()
.
==== Disabled Device Manager Items =============
.
Class GUID: {36fc9e60-c465-11cf-8056-444553540000}
Description: Unknown USB Device (Device Descriptor Request Failed)
Device ID: USB\VID_0000&PID_0002\8&B353290&0&4
Manufacturer: (Standard USB Host Controller)
Name: Unknown USB Device (Device Descriptor Request Failed)
PNP Device ID: USB\VID_0000&PID_0002\8&B353290&0&4
Service:
.
==== System Restore Points ===================
.
RP38: 2016-12-22 08:20:39 - Scheduled Checkpoint
.
==== Installed Programs ======================
.
 Tools for .Net 3.5
8GadgetPack
Active Directory Authentication Library for SQL Server
Active Directory Authentication Library for SQL Server (x86)
Advanced Workshop: Modern Drum Producion in SONAR
Amateur Contact Log
Amazon Kindle
Amazon Music
Anderton Content Collection
Ansel
Application Insights Tools for Visual Studio Express 2015 for Web
Application Insights Tools for Visual Studio Express 2015 for Windows 10
ARRL Antenna Book 23rd Edition
ARRL Field Day Contest Log
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver
AVS Audio Converter 8.1.1
AVS Audio Editor 8.1.1
AVS Audio Recorder version 4.0
AVS Cover Editor 2.0.1.3
AVS Disc Creator 5.2.5
AVS Document Converter 3.0.2
AVS DVD Copy 4.1.2.283
AVS Image Converter 4.0.2
AVS Media Player 4.3.1
AVS Photo Editor 2.3.4
AVS Registry Cleaner 3.0.3
AVS Ringtone Maker version 1.6
AVS Video Converter 9.2.1
AVS Video Editor 7.2.1
AVS Video Recorder 2.5
AVS Video ReMaker 5.0.2
Azure AD Authentication Connected Service
AzureTools.Notifications.VwdExpress
Behaviors SDK (Windows Phone) for Visual Studio 2013
Behaviors SDK (Windows) for Visual Studio 2013
Bing Bar
Bluetooth Monitor 4
Build Tools for Windows 10
Build Tools for Windows 10 - ENU
Cakewalk Boutique FX Suite
Cakewalk Classic Creative FX Suite
Cakewalk Engineering FX Suite
Cakewalk Studio Mixing FX Suite
CodedUITestUAP
Command Center
Contents
Corel AfterShot 3 - ICA x64
Corel AfterShot 3 - IPM Content x64
Corel AfterShot 3 - IPM x64
Corel AfterShot 3 x64
Corel AfterShot 3(64-bit)
Corel AfterShot HDR
Corel AfterShot Pro 2 - ICA x64
Corel AfterShot Pro 2 - IPM Content x64
Corel AfterShot Pro 2 - IPM x64
Corel AfterShot Pro 2 x64
Corel AfterShot Pro 2(64-bit)
Corel FastFlick
Corel PaintShop Pro X7
Corel PaintShop Pro X7
Corel PaintShop Pro X8
Corel Update Manager
Corel WinDVD
Creator NXT 5 Content
CyberPower PowerPanel Business Edition 3.1.2
Definition Update for Microsoft Office 2010 (KB3115475) 64-Bit Edition
Dimension Pro 1.5
Dropbox
Dropbox Update Helper
EaseUS Todo Backup Home 9.2
EdgeRunner Multiplicity
EdgeRunner SpaceMonger
Entity Framework 6.1.3 Tools  for Visual Studio 2015 Update 1
FileZilla Client 3.23.0.2
FlexRadio Systems FlexVSP
FlexRadio Systems SmartSDR Beta_v1.10.8
GDR 4213 for SQL Server 2014 (KB3070446) (64-bit)
Ham Radio Deluxe
HDMI Control Manager
HDR Express 3
Hotfix 4459 for SQL Server 2014 (KB3162659) (64-bit)
Hotfix 4487 for SQL Server 2014 (KB3194722) (64-bit)
HP Officejet Pro 8600 Basic Device Software
HP Officejet Pro 8600 Help
HP Officejet Pro 8600 Product Improvement Study
HP Officejet Pro 8620 Basic Device Software
HP Officejet Pro 8620 Help
HP Update
I.R.I.S. OCR
ICA
IDE Tools for Windows 10
IDE Tools for Windows 10 - ENU
IIS 10.0 Express
IIS Express Application Compatibility Database for x64
IIS Express Application Compatibility Database for x86
Intellisense Lang Pack Mobile Extension SDK 10.0.10586.0
InterVideo WinDVD BD for TOSHIBA
IPM_PSP_COM
IPM_PSP_COM64
IPM_VS_Pro
iZotope Music & Speech Cleaner
Kits Configuration Installer
LibreOffice 5.1.2.2
Logitech SetPoint 6.67
Logitech Solar App 1.10
M-Audio ProFire 6.1.1 (x64)
Melodyne Runtime 4.1 (x64)
Melodyne singletrack
Microsoft .NET Core 5.0 SDK
Microsoft .NET CoreRuntime For CoreCon
Microsoft .NET CoreRuntime SDK
Microsoft .NET Framework 4 Multi-Targeting Pack
Microsoft .NET Framework 4.5 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack
Microsoft .NET Framework 4.5.1 Multi-Targeting Pack (ENU)
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps
Microsoft .NET Framework 4.5.1 RC Multi-Targeting Pack for Windows Store Apps (ENU)
Microsoft .NET Framework 4.5.1 SDK
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack
Microsoft .NET Framework 4.5.2 Multi-Targeting Pack (ENU)
Microsoft .NET Framework 4.6 SDK
Microsoft .NET Framework 4.6 Targeting Pack
Microsoft .NET Framework 4.6 Targeting Pack (ENU)
Microsoft .NET Framework 4.6.1 Developer Pack
Microsoft .NET Framework 4.6.1 SDK
Microsoft .NET Framework 4.6.1 Targeting Pack
Microsoft .NET Framework 4.6.1 Targeting Pack (ENU)
Microsoft .NET Native SDK
Microsoft .NET Native SDK Tools (Express)
Microsoft .NET Version Manager (x64) 1.0.0-beta5
Microsoft Access database engine 2010 (English)
Microsoft Agents for Visual Studio 2015 Preview
Microsoft Agents for Visual Studio 2015 Preview - ENU
Microsoft ASP.NET and Web Tools 2015.1 (Beta8) - Visual Studio Express 2015 for Web
Microsoft ASP.NET MVC 4 - Visual Studio Express 2015 for Web - ENU
Microsoft ASP.NET MVC 4 Runtime
Microsoft ASP.NET Web Frameworks and Tools - Visual Studio Express 2015 for Web - ENU
Microsoft ASP.NET Web Pages 2 - Visual Studio Express 2015 for Web - ENU
Microsoft ASP.NET Web Pages 2 Runtime
Microsoft Azure Mobile Services Connected Service
Microsoft Azure Mobile Services SDK V2.0
Microsoft Azure Mobile Services Tools for Visual Studio - v1.4
Microsoft Azure Shared Components for Visual Studio 2015 - v1.8
Microsoft Azure Storage Connected Service
Microsoft Blend for Visual Studio 2015
Microsoft Blend for Visual Studio 2015 - ENU
Microsoft Build Tools 14.0 (amd64)
Microsoft Build Tools 14.0 (x86)
Microsoft Build Tools Language Resources 14.0 (amd64)
Microsoft Build Tools Language Resources 14.0 (x86)
Microsoft Help Viewer 2.2
Microsoft NuGet - Visual Studio Express 2015 for Web
Microsoft NuGet - Visual Studio Express 2015 for Windows
Microsoft NuGet - Visual Studio Express 2015 for Windows Desktop
Microsoft ODBC Driver 11 for SQL Server
Microsoft Office Access MUI (English) 2010
Microsoft Office Access Runtime (English) 2007
Microsoft Office Access Setup Metadata MUI (English) 2010
Microsoft Office Excel MUI (English) 2010
Microsoft Office Groove MUI (English) 2010
Microsoft Office InfoPath MUI (English) 2010
Microsoft Office Office 32-bit Components 2010
Microsoft Office OneNote MUI (English) 2010
Microsoft Office Outlook MUI (English) 2010
Microsoft Office PowerPoint MUI (English) 2010
Microsoft Office Professional Plus 2010
Microsoft Office Project MUI (English) 2010
Microsoft Office Project Professional 2010
Microsoft Office Proof (English) 2010
Microsoft Office Proof (French) 2010
Microsoft Office Proof (Spanish) 2010
Microsoft Office Proofing (English) 2010
Microsoft Office Publisher MUI (English) 2010
Microsoft Office Shared 32-bit MUI (English) 2010
Microsoft Office Shared MUI (English) 2010
Microsoft Office Shared Setup Metadata MUI (English) 2010
Microsoft Office Visio 2010
Microsoft Office Visio MUI (English) 2010
Microsoft Office Word MUI (English) 2010
Microsoft OneDrive
Microsoft Outlook Hotmail Connector 64-bit
Microsoft Portable Library Multi-Targeting Pack Language Pack - enu
Microsoft Project Professional 2010
Microsoft SQL Server 2008 Setup Support Files
Microsoft SQL Server 2012 Command Line Utilities
Microsoft SQL Server 2012 Native Client
Microsoft SQL Server 2014 (64-bit)
Microsoft SQL Server 2014 Express LocalDB
Microsoft SQL Server 2014 Management Objects
Microsoft SQL Server 2014 Management Objects  (x64)
Microsoft SQL Server 2014 RsFx Driver
Microsoft SQL Server 2014 Setup (English)
Microsoft SQL Server 2014 T-SQL Language Service
Microsoft SQL Server 2014 Transact-SQL ScriptDom
Microsoft SQL Server 2016 LocalDB
Microsoft SQL Server 2016 Management Objects
Microsoft SQL Server 2016 Management Objects  (x64)
Microsoft SQL Server 2016 T-SQL Language Service
Microsoft SQL Server 2016 T-SQL ScriptDom
Microsoft SQL Server Compact 4.0 SP1 x64 ENU
Microsoft SQL Server Data Tools - enu (14.0.60519.0)
Microsoft System CLR Types for SQL Server 2014
Microsoft System CLR Types for SQL Server 2016
Microsoft Team Foundation Server 2015 Update 3
Microsoft Team Foundation Server 2015 Update 3 Language Pack - ENU
Microsoft Team Foundation Server 2015 Update 3 Standard - ENU
Microsoft Visio Premium 2010
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2005 Redistributable (x64)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219
Microsoft Visual C++ 2012


#2 Morty-MSSE


Posted 27 December 2016 - 02:06 PM

Here are the results from the FRST64_Recovery Scan:

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-12-2016
Ran by sytro (administrator) on MORTYQOSMIO (27-12-2016 10:55:52)
Running from C:\Users\sytro\Desktop
Loaded Profiles: sytro & PCPitstopSVC (Available Profiles: sytro & PCPitstopSVC & .NET v4.5 & DefaultAppPool & .NET v4.5 Classic)
Platform: Windows 10 Pro Version 1607 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Stardock Corporation) C:\Program Files (x86)\Stardock\WindowBlinds\WBSrv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe
(Stardock Software, Inc) C:\Program Files (x86)\Stardock\Start10\Start10_64.exe
(Logitech, Inc.) C:\Program Files\Logitech\SolarApp\L4301_Solar.exe
(FabulaTech) C:\Windows\System32\ftvspksrv.exe
() C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(O2Micro International) C:\Windows\System32\drivers\o2flash.exe
(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(CHENGDU YIWO Tech Development Co., Ltd) C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe
(arvato digital services llc) C:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe
(DEVGURU Co., LTD.) C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
() C:\Program Files (x86)\Nuance\Nuance Cloud Connector\WOSVSSSvr.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe
(Microsoft Corporation) C:\Windows\System32\vds.exe
() C:\Program Files (x86)\EaseUS\Todo Backup\bin\TodoBackupService.exe
(simplitec GmbH) C:\Program Files (x86)\simplitec\simpliclean\ServiceProvider.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\tv_x64.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TOSHIBA Corporation.) C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(Corel Corporation) C:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\PUA.EXE
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
() C:\Users\sytro\AppData\Local\Amazon Music\Amazon Music Helper.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Hewlett-Packard Development Company, LP) C:\Program Files\HP\HP Officejet Pro 8620\Bin\HPNetworkCommunicatorCom.exe
(FlexRadio Systems) C:\Program Files\FlexRadio Systems\SmartSDR\DAX\DAX.exe
(PKWARE, Inc.) C:\Program Files (x86)\PKWARE\PKZIPM\14.20.0015\PKTray.exe
(M-Audio, a brand of inMusic Brands, Inc.) C:\Windows\SysWOW64\MAFWDITray.exe
(FlexRadio Systems) C:\Program Files\FlexRadio Systems\SmartSDR\SmartSDR CAT\Cat.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe
(Cyber Power Systems, Inc.) C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe
(Gladinet, INC) C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladinetClient.exe
(TOSHIBA CORPORATION.) C:\Program Files (x86)\Toshiba\TOSHIBA Web Camera Application\TWebCamera.exe
(Hewlett-Packard Co.) C:\Program Files\HP\HP Officejet Pro 8600\Bin\HPNetworkCommunicator.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TRCMan\TRCMan.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock\Dock64.exe
(Pushbullet Inc) C:\Users\sytro\AppData\Local\Pushbullet\bin\pushbullet_client.exe
(Stardock) C:\Program Files (x86)\Stardock\ObjectDock\ObjectDockTray.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe
(Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe
(PC Pitstop LLC) C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe
(PC Pitstop) C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe
(InterVideo) C:\Program Files (x86)\Common Files\InterVideo\RegMgr\iviRegMgr.exe
(Node.js) C:\Program Files (x86)\NVIDIA Corporation\NvNode\NVIDIA Web Helper.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
() C:\Program Files (x86)\Roxio Creator NXT Pro 5\Roxio Burn\RoxioBurnLauncher.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NvContainer\nvcontainer.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_11.10.145.0_x64__kzf8qxf38zg5c\SkypeHost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Farbar) C:\Users\sytro\Desktop\FRST64_RecoveryScanTool.exe
==================== Registry (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1882920 2009-11-12] (Synaptics Incorporated)
HKLM\...\Run: [Fences] => C:\Program Files (x86)\Stardock\Fences\Fences.exe [3934168 2016-09-16] (Stardock Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [HDMICtrlMan] => C:\Program Files\TOSHIBA\HDMICtrlMan\HDMICtrlMan.exe [1037728 2010-07-21] (TOSHIBA Corporation.)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM\...\Run: [ThpSrv] => C:\WINDOWS\system32\thpsrv /logon
HKLM\...\Run: [Corel Update Helper] => c:\Program Files\Corel\Corel PaintShop Pro X8 (64-bit)\pua.exe [2012104 2015-11-27] (Corel Corporation)
HKLM\...\Run: [ShadowPlay] => "C:\WINDOWS\system32\rundll32.exe" C:\WINDOWS\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM\...\Run: [EvtMgr6] => C:\Program Files\Logitech\SetPointP\SetPoint.exe [3113592 2015-08-25] (Logitech, Inc.)
HKLM\...\Run: [Logitech Download Assistant] => C:\Windows\system32\rundll32.exe C:\Windows\System32\LogiLDA.dll,LogiFetch
HKLM-x32\...\Run: [M-Audio Taskbar Icon] => C:\Windows\SysWOW64\MAFWDITray.exe [315088 2013-06-03] (M-Audio, a brand of inMusic Brands, Inc.)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [25779624 2016-12-21] (Dropbox, Inc.)
HKLM-x32\...\Run: [ppbeuser] => C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbeuser.exe [147456 2016-03-08] (Cyber Power Systems, Inc.)
HKLM-x32\...\Run: [Nuance PDF Converter Professional 8-reminder] => "C:\Program Files (x86)\Nuance\PDF Professional 8\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\PDF Converter Professional 8\Ereg\Ereg.ini"
HKLM-x32\...\Run: [TWebCamera] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe [2454840 2009-11-24] (TOSHIBA CORPORATION.)
HKLM-x32\...\Run: [TRCMan] => C:\Program Files (x86)\TOSHIBA\TRCMan\TRCMan.exe [701752 2009-07-21] (TOSHIBA Corporation)
HKLM-x32\...\Run: [PowerPDF Registry Controller] => C:\Program Files (x86)\Nuance\Power PDF\RegistryController.exe [264416 2016-06-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [NuanPowerPdf1NPDFLM] => C:\Program Files (x86)\Nuance\Power PDF\NPDFLM.exe [3456552 2016-06-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [Nuance Power PDF Advanced-reminder] => "C:\Program Files (x86)\Nuance\Power PDF\Ereg\Ereg.exe" -r "C:\ProgramData\Nuance\Power PDF Advanced\Ereg\Ereg.ini"
HKLM-x32\...\Run: [PowerPDFInboxMonitor] => C:\Program Files (x86)\Nuance\Power PDF\InboxMonitor.exe [243120 2016-06-15] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [ISUSPM] => C:\ProgramData\FLEXnet\Connect\11\\isuspm.exe [324976 2010-05-21] (Flexera Software, Inc.)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [RoxWatchTray] => C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxWatchTray15.exe [303136 2016-08-26] (Corel Corporation)
HKLM-x32\...\Run: [RUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\rusb3mon.exe [115048 2011-09-20] (Renesas Electronics Corporation)
HKLM-x32\...\Run: [Info Center] => C:\Program Files (x86)\PCPitstop\Info Center\InfoCenter.exe [28976 2016-04-29] (PC Pitstop LLC)
HKLM-x32\...\Run: [PC Matic] => C:\Program Files (x86)\PCPitstop\Super Shield\PCMaticRT.exe [2144064 2016-12-19] (PC Pitstop)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
Winlogon\Notify\MCPClient: C:\Program Files (x86)\Common Files\Stardock\MCPStub.dll [2005-01-31] (Stardock)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [AudioBox VSL] => C:\Program Files\PreSonus\AudioBox\AudioBox.exe -startup
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Amazon Music] => C:\Users\sytro\AppData\Local\Amazon Music\Amazon Music Helper.exe [5907944 2016-04-14] ()
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [HP Officejet Pro 8600 (NET)] => C:\Program Files\HP\HP Officejet Pro 8600\Bin\ScanToPCActivationApp.exe [2573416 2012-10-17] (Hewlett-Packard Co.)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [HP Officejet Pro 8620 (NET)] => C:\Program Files\HP\HP Officejet Pro 8620\Bin\ScanToPCActivationApp.exe [3487240 2014-07-21] (Hewlett-Packard Development Company, LP)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Flvto YouTube Downloader] => "C:\Users\sytro\AppData\Local\Flvto YouTube Downloader\FlvtoYoutubeDownloader.exe" /minimize
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [NETGEARGenie] => C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenie.exe [611584 2016-03-09] (NETGEAR Inc.)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27226072 2016-11-15] (Skype Technologies S.A.)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Fences] => C:\program files (x86)\stardock\fences\Fences.exe [3934168 2016-09-16] (Stardock Corporation)
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\...\Run: [Pushbullet] => C:\Program Files (x86)\Pushbullet\pushbullet.exe [345600 2015-07-01] (Pushbullet inc)
SSODL-x32: 0aMCPClient - {F5DF91F9-15E9-416B-A7C3-7519B11ECBFC} - C:\PROGRA~2\COMMON~1\Stardock\MCPCore.dll (Stardock)
ShellIconOverlayIdentifiers: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon.dll [2012-04-24] (Gladinet, INC)
ShellIconOverlayIdentifiers: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU.dll [2012-04-24] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [ DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt10] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt3] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt4] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt5] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt6] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt7] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt8] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [ DropboxExt9] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.3.0.dll [2016-12-21] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [GladinetIconOverlay] -> {3C3DC57A-7535-48AF-BB9E-C3576A4F34D0} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIcon32.dll [2012-04-24] (Gladinet, INC)
ShellIconOverlayIdentifiers-x32: [GladinetUploading] -> {959A18D3-9CC9-41e8-B76F-34ED9A89D4EA} => C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GlOverlayIconU32.dll [2012-04-24] (Gladinet, INC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth Monitor.lnk [2016-05-16]
ShortcutTarget: Bluetooth Monitor.lnk -> C:\Program Files (x86)\Toshiba\Bluetooth Monitor\BtMon2.exe (TOSHIBA CORPORATION)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\DAX Beta_v1.10.8.39.lnk [2016-12-22]
ShortcutTarget: DAX Beta_v1.10.8.39.lnk -> C:\Program Files\FlexRadio Systems\SmartSDR\DAX\DAX.exe (FlexRadio Systems)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Nuance Cloud Connector.lnk [2016-05-11]
ShortcutTarget: Nuance Cloud Connector.lnk -> C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladLauncher.exe ()
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SecureZIP Attachments Status.lnk [2016-05-20]
ShortcutTarget: SecureZIP Attachments Status.lnk -> C:\Program Files (x86)\PKWARE\PKZIPM\14.20.0015\PKTray.exe (PKWARE, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\SmartSDR CAT v1.10.8.39.lnk [2016-12-22]
ShortcutTarget: SmartSDR CAT v1.10.8.39.lnk -> C:\Program Files\FlexRadio Systems\SmartSDR\SmartSDR CAT\Cat.exe (FlexRadio Systems)
Startup: C:\Users\sytro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Sidebar808.lnk [2016-12-27]
Startup: C:\Users\sytro\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Stardock ObjectDock.lnk [2016-05-14]
ShortcutTarget: Stardock ObjectDock.lnk -> C:\Program Files (x86)\Stardock\ObjectDock\ObjectDock.exe (Stardock)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 74.50.204.4 74.50.204.5
Tcpip\..\Interfaces\{08e84e36-466d-440f-9ae9-390e70085e7a}: [DhcpNameServer] 74.50.204.4 74.50.204.5
Tcpip\..\Interfaces\{2160b02a-c110-4a02-93cc-c6725668bfb7}: [DhcpNameServer] 4.2.2.2 4.2.2.1
Internet Explorer:
==================
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.w7dk.org/
HKU\S-1-5-21-3244274145-2722193653-490298892-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.arrl.org/
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient_x64.dll [2016-05-13] (Zeon Corporation)
BHO: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu_x64.dll [2016-06-03] (Zeon Corporation)
BHO: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2013-12-18] (Microsoft Corporation)
BHO-x32: Nuance PDF Conversion Toolbar Helper -> {940361F8-7F16-4498-AB43-2EFFE0235AFA} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2016-05-13] (Zeon Corporation)
BHO-x32: PlusIEEventHelper Class -> {9D137966-2E29-45C5-9B12-29D5427F8F66} -> C:\Program Files (x86)\Nuance\Power PDF\Bin\PlusIEContextMenu.dll [2016-06-03] (Zeon Corporation)
BHO-x32: Logitech SetPoint -> {AF949550-9094-4807-95EC-D1C317803333} -> C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll [2015-08-25] (Logitech, Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: PCMatic AdBlocker -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\PCMaticAdBlocker.dll [2016-09-15] (PC Matic, LLC)
Toolbar: HKLM - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient_x64.dll [2016-05-13] (Zeon Corporation)
Toolbar: HKLM-x32 - Nuance PDF Toolbar - {BED78D9C-A025-4FE9-B3BA-27E6D376A3D5} - C:\Program Files (x86)\Nuance\Power PDF\Bin\SZeonIEFavClient.dll [2016-05-13] (Zeon Corporation)
DPF: HKLM-x32 {0E5F0222-96B9-11D3-8997-00104BD12D94} hxxps://files.pcpitstop.com/cab/pcmatic.cab
Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.9.0_neutral__d55gg7py3s0m0 [2016-10-25]
FireFox:
========
FF HKLM-x32\...\Firefox\Extensions: [sweb2pdfextension.2@nuance.com] - C:\Program Files (x86)\Nuance\Power PDF\bin\SFirefoxExtn
FF Extension: (Nuance PDF Create) - C:\Program Files (x86)\Nuance\Power PDF\bin\SFirefoxExtn [2016-06-28]
FF HKLM-x32\...\Firefox\Extensions: [{F003DA68-8256-4b37-A6C4-350FA04494DF}] - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt
FF Extension: (Logitech SetPoint) - C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt [2016-11-15] [not signed]
FF HKLM-x32\...\Firefox\Extensions: [noreply@pcpitstop.com] - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows
FF Extension: (PC Matic) - C:\Program Files (x86)\PCPitstop\PC Matic\AdBlockers\pc_matic-1.01-sm+fx+an-windows [2016-12-21]
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=2.2.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2016-06-01] (VideoLAN)
Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [okmhneofinpilciglijihehjpaegledb] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269; C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe [495816 2016-01-12] ()
R2 BOT4Service; C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe [46112 2016-08-23] ()
S2 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc.)
S3 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-05-10] (Dropbox, Inc.)
R2 DbxSvc; C:\WINDOWS\system32\DbxSvc.exe [42096 2016-12-21] (Dropbox, Inc.)
S3 DeskScapes8; C:\Program Files (x86)\Stardock\DeskScapes8\ds8srv.exe [75376 2014-03-10] (Stardock Software, Inc)
R2 EaseUS Agent; C:\Program Files (x86)\EaseUS\Todo Backup\bin\Agent.exe [39616 2016-06-03] (CHENGDU YIWO Tech Development Co., Ltd)
R2 ftvspksrv; C:\WINDOWS\system32\ftvspksrv.exe [473024 2016-10-12] (FabulaTech)
R2 GladFileMonSvc; C:\Program Files (x86)\Nuance\Nuance Cloud Connector\GladFileMonSvc.exe [29552 2012-04-24] (Gladinet, INC)
S3 Ham Radio Deluxe Remote Server; C:\Program Files (x86)\HRD SOFTWARE LLC\HAM RADIO DELUXE\HRDRemoteSvr.exe [797696 2016-09-04] (HRD Software, LLC) [File not signed]
S3 HDRExpress3Service; C:\Program Files\UCT\HDR Express 3\HDRExpress3Service.exe [32784 2014-10-23] ()
S3 HRD RemoteSvr; C:\Program Files (x86)\HRD Software LLC\Ham Radio Deluxe\HRDREMOTESVR.EXE [797696 2016-09-04] (HRD Software, LLC) [File not signed]
S3 HRD Serial Port Server; C:\Program Files (x86)\HRD SOFTWARE LLC\HAM RADIO DELUXE\HRDSerialPortSvr.exe [503885 2011-09-24] (Simon Brown, HB9DRV) [File not signed]
R2 IpOverUsbSvc; C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\bin\IpOverUsbSvc.exe [21184 2016-03-29] (Microsoft Corporation)
R2 L4301_Solar; C:\Program Files\Logitech\SolarApp\L4301_Solar.exe [405744 2013-01-30] (Logitech, Inc.)
S3 Launch8; C:\Program Files (x86)\Stardock\Launch8\Launch8Srv.exe [274088 2015-08-24] (Stardock Software, Inc)
R2 MSSQL$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [372416 2016-10-06] (Microsoft Corporation)
S3 Multiplicity; C:\Program Files (x86)\EdgeRunner\Multiplicity\MultiSrv.exe [209216 2015-08-21] (Stardock Software, Inc)
S3 NETGEARGenieDaemon; C:\Program Files (x86)\NETGEAR Genie\bin\NETGEARGenieDaemon64.exe [232192 2016-03-09] (NETGEAR)
S3 NPDFIFilterSrv; C:\Program Files (x86)\Nuance\Power PDF\NPDFIFilterSrv.exe [218128 2016-06-15] (Nuance Communications, Inc.)
R3 NvContainerLocalSystem; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
S3 NvContainerNetworkService; C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [462784 2016-12-12] (NVIDIA Corporation)
R2 NVDisplay.ContainerLocalSystem; C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe [459832 2016-12-11] (NVIDIA Corporation)
S3 NVIDIA Wireless Controller Service; C:\Program Files\NVIDIA Corporation\GeForce Experience Service\nvwirelesscontroller.exe [1163712 2016-12-12] (NVIDIA Corporation)
S3 NvTelemetryContainer; C:\Program Files (x86)\NVIDIA Corporation\NvTelemetry\NvTelemetryContainer.exe [425408 2016-12-12] (NVIDIA Corporation)
R2 PCPitstop Realtime; C:\Program Files (x86)\PCPitstop\Super Shield\PCPitstopRTService.exe [745280 2016-12-19] (PC Pitstop)
R2 PCPitstop Scheduling; C:\Program Files (x86)\PCPitstop\PCPitstopScheduleService.exe [198480 2016-09-15] (PC Pitstop LLC)
S3 ppbed; C:\Program Files (x86)\CyberPower PowerPanel Business Edition\bin\ppbed.exe [184320 2016-03-08] (Cyber Power Systems, Inc.) [File not signed]
R2 PSI_SVC_2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 PSI_SVC_2_x64; c:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [337776 2014-04-30] (arvato digital services llc)
R2 RoxioBurnLauncher; C:\Program Files (x86)\Roxio Creator NXT Pro 5\Roxio Burn\RoxioBurnLauncher.exe [953888 2016-08-05] ()
S3 RoxMediaDB15; C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxMediaDB15.exe [1105952 2016-08-26] (Corel Corporation)
S2 RoxWatch15; C:\Program Files (x86)\Roxio Creator NXT Pro 5\Common\RoxWatch15.exe [350240 2016-08-26] (Corel Corporation)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [2889896 2016-09-15] (Microsoft Corporation)
S3 ShadowFX; C:\Program Files (x86)\Stardock\ShadowFX\ShadowFXSrv.exe [260232 2014-08-22] (Stardock Software, Inc)
S4 SQLAgent$SQLEXPRESS; C:\Program Files\Microsoft SQL Server\MSSQL12.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [613056 2016-10-06] (Microsoft Corporation)
R2 ss_conn_service; C:\Program Files (x86)\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [754784 2016-07-21] (DEVGURU Co., LTD.)
R2 Start10; C:\Program Files (x86)\Stardock\Start10\Start10Srv.exe [219664 2015-02-03] (Stardock Software, Inc)
S3 Te.Service; C:\Program Files (x86)\Windows Kits\10\Testing\Runtimes\TAEF\Wex.Services.exe [137216 2016-03-28] (Microsoft Corporation) [File not signed]
S3 TeamFoundationSshService; C:\Program Files\Microsoft Team Foundation Server 14.0\Application Tier\Web Services\bin\TeamFoundationSshService.exe [37096 2016-06-23] (Microsoft Corporation)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10216688 2016-11-28] (TeamViewer GmbH)
S3 TFSJobAgent; C:\Program Files\Microsoft Team Foundation Server 14.0\Application Tier\TfsJobAgent\TfsJobAgent.exe [36528 2016-06-23] (Microsoft Corporation)
S3 VSStandardCollectorService140; C:\Program Files (x86)\Microsoft Visual Studio 14.0\Team Tools\DiagnosticsHub\Collector\StandardCollector.Service.exe [108776 2016-06-20] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347328 2016-07-16] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [103720 2016-07-16] (Microsoft Corporation)
R2 WindowBlinds; C:\Program Files (x86)\Stardock\WindowBlinds\wbsrv.exe [89600 2015-12-02] (Stardock Corporation) [File not signed]
S3 WindowFX; C:\Program Files (x86)\Stardock\WindowFX\WindowFXSrv.exe [181904 2014-06-12] (Stardock Corporation)
S3 WMSVC; C:\WINDOWS\system32\inetsrv\wmsvc.exe [12288 2016-08-08] (Microsoft Corporation)
S3 vsoagent.MortyQosmio.Agent-MortyQosmio; "F:\TfsData\Agents\Agent-MortyQosmio\agent\vsoAgentService.exe" "vsoagent.MortyQosmio.Agent-MortyQosmio" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 dg_ssudbus; C:\WINDOWS\system32\DRIVERS\ssudbus.sys [130688 2016-07-21] (Samsung Electronics Co., Ltd.)
R0 EUBKMON; C:\WINDOWS\System32\drivers\EUBKMON.sys [48168 2015-12-10] ()
R3 FlexRadioSystemDAXService_Audio; C:\WINDOWS\system32\DRIVERS\audiodax.sys [68360 2016-06-07] (FlexRadio Systems)
R3 FlexRadioSystemDAXService_IQ; C:\WINDOWS\system32\DRIVERS\iqdax.sys [68488 2016-06-07] (FlexRadio Systems)
R3 FlexRadioSystemDAXService_MICAudio; C:\WINDOWS\system32\DRIVERS\micaudiodax.sys [68360 2016-06-07] (FlexRadio Systems)
R3 FlexRadioSystemDAXService_TX; C:\WINDOWS\system32\DRIVERS\txdax.sys [68488 2016-06-07] (FlexRadio Systems)
R3 ftvspenum; C:\WINDOWS\System32\drivers\ftvspenum.sys [83352 2015-12-03] (FabulaTech)
R3 ftvsport; C:\WINDOWS\system32\DRIVERS\ftvsport.sys [65432 2016-10-12] (FabulaTech)
S3 MAFWPROFIRE; C:\WINDOWS\system32\DRIVERS\MAudioProFire.sys [288976 2013-06-03] (M-Audio, a brand of inMusic Brands, Inc.)
S3 NetAdapterCx; C:\WINDOWS\System32\drivers\NetAdapterCx.sys [90624 2016-07-16] ()
R2 NPF; C:\WINDOWS\system32\drivers\npf.sys [35344 2016-05-14] (CACE Technologies, Inc.)
R3 nvlddmkm; C:\WINDOWS\System32\DriverStore\FileRepository\nvtdi.inf_amd64_1f9a85f0fdd5a3ad\nvlddmkm.sys [14200880 2016-12-12] (NVIDIA Corporation)
S3 NvStreamKms; C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [27584 2016-12-12] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\WINDOWS\system32\drivers\nvvad64v.sys [46016 2016-12-12] (NVIDIA Corporation)
R3 O2SDGx64; C:\WINDOWS\System32\drivers\o2sdgx64.sys [56576 2012-09-06] (O2Micro )
R0 PxHlpa64; C:\WINDOWS\System32\drivers\PxHlpa64.sys [64984 2015-12-15] (Corel Corporation)
S4 RsFx0312; C:\WINDOWS\System32\DRIVERS\RsFx0312.sys [249536 2016-10-06] (Microsoft Corporation)
R0 Sahdad64; C:\WINDOWS\System32\Drivers\Sahdad64.sys [37032 2016-01-12] (Corel Corporation)
R0 Saibad64; C:\WINDOWS\System32\Drivers\Saibad64.sys [28840 2016-01-12] (Corel Corporation)
R1 SaibVdAd64; C:\WINDOWS\System32\Drivers\SaibVdAd64.sys [36520 2016-01-12] (Corel Corporation)
R3 SensorsSimulatorDriver; C:\WINDOWS\System32\drivers\WUDFRd.sys [216064 2016-07-16] (Microsoft Corporation)
S3 ssudmdm; C:\WINDOWS\system32\DRIVERS\ssudmdm.sys [164992 2016-07-21] (Samsung Electronics Co., Ltd.)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [45720 2016-05-10] (Toshiba Corporation)
U5 tosporte; C:\Windows\System32\Drivers\tosporte.sys [54664 2009-06-17] (TOSHIBA Corporation)
U5 tosrfbnp; C:\Windows\System32\Drivers\tosrfbnp.sys [50664 2009-06-19] (TOSHIBA Corporation)
U5 Tosrfcom; C:\Windows\System32\Drivers\Tosrfcom.sys [81768 2009-07-28] (TOSHIBA Corporation)
U5 TosRfSnd; C:\Windows\System32\Drivers\TosRfSnd.sys [63488 2010-04-26] (TOSHIBA Corporation) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44056 2016-07-16] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [290144 2016-07-16] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [123232 2016-07-16] (Microsoft Corporation)
R3 WirelessKeyboardFilter; C:\WINDOWS\System32\drivers\WirelessKeyboardFilter.sys [49896 2016-07-22] (Microsoft Corporation)
S3 dbx; system32\DRIVERS\dbx.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2016-12-27 10:55 - 2016-12-27 10:56 - 00033456 _____ C:\Users\sytro\Desktop\FRST.txt
2016-12-27 10:15 - 2016-12-26 17:09 - 00688992 ____R (Swearware) C:\Users\sytro\Desktop\dds.com
2016-12-27 10:15 - 2016-12-26 08:43 - 02420736 _____ (Farbar) C:\Users\sytro\Desktop\FRST64_RecoveryScanTool.exe
2016-12-21 18:09 - 2016-12-21 18:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2016-12-21 15:52 - 2016-12-27 09:36 - 00000000 ____D C:\Users\PCPitstopSVC
2016-12-21 15:52 - 2016-12-21 15:52 - 00000020 ___SH C:\Users\PCPitstopSVC\ntuser.ini
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\My Documents
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\Documents\My Videos
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\Documents\My Pictures
2016-12-21 15:52 - 2016-12-21 15:52 - 00000000 _SHDL C:\Users\PCPitstopSVC\Documents\My Music
2016-12-21 15:52 - 2016-08-08 17:37 - 00000000 ____D C:\Users\PCPitstopSVC\AppData\Local\Microsoft Help
2016-12-21 15:24 - 2016-12-27 10:55 - 00000000 ____D C:\ProgramData\PCPitstopDat
2016-12-21 15:21 - 2016-12-27 09:49 - 00000000 ____D C:\ProgramData\PCPitstop
2016-12-21 15:21 - 2016-12-21 15:24 - 00000000 ____D C:\Program Files (x86)\PCPitstop
2016-12-21 15:21 - 2016-12-21 15:21 - 00001313 _____ C:\Users\sytro\Desktop\PC Matic.lnk
2016-12-21 15:21 - 2016-12-21 15:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Pitstop
2016-12-21 15:19 - 2016-12-27 10:15 - 00000000 ____D C:\Users\sytro\Downloads\PCMatic
2016-12-21 10:15 - 2016-12-21 10:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-stable.sys
2016-12-21 10:15 - 2016-12-21 10:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-dev.sys
2016-12-21 10:15 - 2016-12-21 10:15 - 00075888 _____ (Dropbox, Inc.) C:\WINDOWS\system32\Drivers\dbx-canary.sys
2016-12-21 10:15 - 2016-12-21 10:15 - 00042096 _____ (Dropbox, Inc.) C:\WINDOWS\system32\DbxSvc.exe
2016-12-17 12:17 - 2016-12-17 12:17 - 00003282 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2016-12-15 13:36 - 2016-12-27 09:34 - 00003296 _____ C:\Users\sytro\Network_Meter_Data.js
2016-12-15 13:30 - 2016-12-15 13:30 - 00000000 ____D C:\Program Files (x86)\VulkanRT
2016-12-15 13:30 - 2016-09-09 10:25 - 00269600 _____ C:\WINDOWS\SysWOW64\vulkan-1.dll
2016-12-15 13:30 - 2016-09-09 10:25 - 00261920 _____ C:\WINDOWS\system32\vulkan-1.dll
2016-12-15 13:30 - 2016-09-09 10:25 - 00110880 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2016-12-15 13:30 - 2016-09-09 10:24 - 00125216 _____ C:\WINDOWS\system32\vulkaninfo.exe
2016-12-15 13:27 - 2016-12-11 19:03 - 40125496 _____ C:\WINDOWS\system32\nvcompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 35222976 _____ C:\WINDOWS\SysWOW64\nvcompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 34710584 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvoglv64.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 28201408 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvoglv32.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 10912744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvptxJitCompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 10803880 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvopencl.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 10353960 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuda.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 09158616 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvopencl.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 08913328 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvptxJitCompiler.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 08761560 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuda.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 02950200 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvcuvid.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 02587704 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvcuvid.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 01953336 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispco6437633.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 01586744 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvdispgenco6437633.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 01038392 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvFBC64.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00974784 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvFBC.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00942528 _____ (NVIDIA Corporation) C:\WINDOWS\system32\NvIFR64.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00894400 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\NvIFR.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00683640 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvfatbinaryLoader.dll
2016-12-15 13:27 - 2016-12-11 19:03 - 00572888 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvfatbinaryLoader.dll
2016-12-15 09:16 - 2016-12-20 22:30 - 00005110 _____ C:\ProgramData\NvTelemetryContainer.log_backup1
2016-12-15 09:16 - 2016-12-15 09:16 - 00004408 _____ C:\WINDOWS\System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}
2016-12-15 09:16 - 2016-12-15 09:16 - 00000000 ____D C:\Users\sytro\AppData\Local\Chromium
2016-12-15 09:16 - 2016-12-12 06:36 - 00001951 _____ C:\WINDOWS\NvTelemetryContainerRecovery.bat
2016-12-15 09:15 - 2016-12-12 15:36 - 00156096 _____ (NVIDIA Corporation) C:\WINDOWS\system32\nvaudcap64v.dll
2016-12-15 09:15 - 2016-12-12 15:36 - 00123840 _____ (NVIDIA Corporation) C:\WINDOWS\SysWOW64\nvaudcap32v.dll
2016-12-15 08:05 - 2016-12-09 02:42 - 01637728 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-12-15 08:05 - 2016-12-09 02:42 - 00137568 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-12-15 08:05 - 2016-12-09 02:34 - 01051112 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2016-12-15 08:05 - 2016-12-09 02:34 - 00894096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2016-12-15 08:05 - 2016-12-09 02:33 - 01354320 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2016-12-15 08:05 - 2016-12-09 02:33 - 01173496 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2016-12-15 08:05 - 2016-12-09 02:32 - 07816032 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-12-15 08:05 - 2016-12-09 02:30 - 00377184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2016-12-15 08:05 - 2016-12-09 02:29 - 02681200 _____ C:\WINDOWS\system32\CoreUIComponents.dll
2016-12-15 08:05 - 2016-12-09 02:28 - 00764392 _____ (Microsoft Corporation) C:\WINDOWS\system32\CoreMessaging.dll
2016-12-15 08:05 - 2016-12-09 02:27 - 00172528 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2016-12-15 08:05 - 2016-12-09 02:20 - 02677544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2016-12-15 08:05 - 2016-12-09 02:20 - 02189664 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2016-12-15 08:05 - 2016-12-09 02:20 - 01738560 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2016-12-15 08:05 - 2016-12-09 02:20 - 00658784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms2.sys
2016-12-15 08:05 - 2016-12-09 02:20 - 00402272 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgmms1.sys
2016-12-15 08:05 - 2016-12-09 02:19 - 01293152 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicenseManager.dll
2016-12-15 08:05 - 2016-12-09 02:19 - 00168424 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcrypt.dll
2016-12-15 08:05 - 2016-12-09 02:18 - 02913144 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2016-12-15 08:05 - 2016-12-09 02:18 - 01267512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2016-12-15 08:05 - 2016-12-09 02:18 - 01100128 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2016-12-15 08:05 - 2016-12-09 02:18 - 00989024 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2016-12-15 08:05 - 2016-12-09 02:18 - 00947552 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.efi
2016-12-15 08:05 - 2016-12-09 02:18 - 00811872 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.exe
2016-12-15 08:05 - 2016-12-09 02:18 - 00624048 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-12-15 08:05 - 2016-12-09 02:15 - 08168000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2016-12-15 08:05 - 2016-12-09 02:15 - 01988560 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2016-12-15 08:05 - 2016-12-09 02:14 - 01274712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ole32.dll
2016-12-15 08:05 - 2016-12-09 02:14 - 00241504 _____ (Microsoft Corporation) C:\WINDOWS\system32\CloudExperienceHost.dll
2016-12-15 08:05 - 2016-12-09 02:11 - 02048496 _____ C:\WINDOWS\SysWOW64\CoreUIComponents.dll
2016-12-15 08:05 - 2016-12-09 02:10 - 01572768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2016-12-15 08:05 - 2016-12-09 02:10 - 01461200 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2016-12-15 08:05 - 2016-12-09 02:09 - 00455520 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2016-12-15 08:05 - 2016-12-09 02:01 - 02323728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2016-12-15 08:05 - 2016-12-09 02:01 - 01503544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2016-12-15 08:05 - 2016-12-09 02:01 - 00861024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicenseManager.dll
2016-12-15 08:05 - 2016-12-09 02:00 - 00106896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcrypt.dll
2016-12-15 08:05 - 2016-12-09 01:59 - 02166752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2016-12-15 08:05 - 2016-12-09 01:59 - 00846560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2016-12-15 08:05 - 2016-12-09 01:57 - 06668040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2016-12-15 08:05 - 2016-12-09 01:57 - 01852720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2016-12-15 08:05 - 2016-12-09 01:56 - 00959112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ole32.dll
2016-12-15 08:05 - 2016-12-09 01:52 - 01435896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2016-12-15 08:05 - 2016-12-09 01:52 - 01415752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2016-12-15 08:05 - 2016-12-09 01:51 - 00117240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2016-12-15 08:05 - 2016-12-09 01:47 - 22563328 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2016-12-15 08:05 - 2016-12-09 01:45 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2016-12-15 08:05 - 2016-12-09 01:45 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARP12Debug.dll
2016-12-15 08:05 - 2016-12-09 01:45 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\WordBreakers.dll
2016-12-15 08:05 - 2016-12-09 01:42 - 00227328 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdd.dll
2016-12-15 08:05 - 2016-12-09 01:42 - 00061952 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSD3DWARPDebug.dll
2016-12-15 08:05 - 2016-12-09 01:41 - 00380928 _____ (Microsoft Corporation) C:\WINDOWS\system32\wincorlib.dll
2016-12-15 08:05 - 2016-12-09 01:41 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WordBreakers.dll
2016-12-15 08:05 - 2016-12-09 01:40 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32k.sys
2016-12-15 08:05 - 2016-12-09 01:40 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARP12Debug.dll
2016-12-15 08:05 - 2016-12-09 01:38 - 00324608 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.LockScreen.dll
2016-12-15 08:05 - 2016-12-09 01:37 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2016-12-15 08:05 - 2016-12-09 01:37 - 00261632 _____ (Microsoft Corporation) C:\WINDOWS\system32\indexeddbserver.dll
2016-12-15 08:05 - 2016-12-09 01:37 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VSD3DWARPDebug.dll
2016-12-15 08:05 - 2016-12-09 01:37 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Shell.dll
2016-12-15 08:05 - 2016-12-09 01:36 - 06285312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.dll
2016-12-15 08:05 - 2016-12-09 01:36 - 03059200 _____ (Microsoft Corporation) C:\WINDOWS\system32\msi.dll
2016-12-15 08:05 - 2016-12-09 01:36 - 00425984 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadcloudap.dll
2016-12-15 08:05 - 2016-12-09 01:36 - 00410112 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2016-12-15 08:05 - 2016-12-09 01:36 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.LockScreen.dll
2016-12-15 08:05 - 2016-12-09 01:34 - 00822784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakradiag.dll
2016-12-15 08:05 - 2016-12-09 01:34 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wincorlib.dll
2016-12-15 08:05 - 2016-12-09 01:33 - 03777536 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2016-12-15 08:05 - 2016-12-09 01:33 - 01589760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtctm.dll
2016-12-15 08:05 - 2016-12-09 01:32 - 00635904 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9diag.dll
2016-12-15 08:05 - 2016-12-09 01:31 - 03689984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msi.dll
2016-12-15 08:05 - 2016-12-09 01:31 - 00313856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2016-12-15 08:05 - 2016-12-09 01:31 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\indexeddbserver.dll
2016-12-15 08:05 - 2016-12-09 01:30 - 23677952 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-12-15 08:05 - 2016-12-09 01:30 - 19413504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2016-12-15 08:05 - 2016-12-09 01:30 - 04612608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.dll
2016-12-15 08:05 - 2016-12-09 01:29 - 04749312 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_nt.dll
2016-12-15 08:05 - 2016-12-09 01:28 - 03306496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2016-12-15 08:05 - 2016-12-09 01:28 - 01004544 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2016-12-15 08:05 - 2016-12-09 01:27 - 19417088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-12-15 08:05 - 2016-12-09 01:27 - 13084160 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-12-15 08:05 - 2016-12-09 01:27 - 05114368 _____ (Microsoft Corporation) C:\WINDOWS\system32\cdp.dll
2016-12-15 08:05 - 2016-12-09 01:27 - 00981504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2016-12-15 08:05 - 2016-12-09 01:26 - 08129536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2016-12-15 08:05 - 2016-12-09 01:26 - 01692672 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2016-12-15 08:05 - 2016-12-09 01:25 - 00376832 _____ (Microsoft Corporation) C:\WINDOWS\system32\CryptoWinRT.dll
2016-12-15 08:05 - 2016-12-09 01:24 - 06583296 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d12warp.dll
2016-12-15 08:05 - 2016-12-09 01:24 - 02275840 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2016-12-15 08:05 - 2016-12-09 01:23 - 12177920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-12-15 08:05 - 2016-12-09 01:22 - 02820096 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputService.dll
2016-12-15 08:05 - 2016-12-09 01:22 - 02688512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Logon.dll
2016-12-15 08:05 - 2016-12-09 01:22 - 01490944 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-12-15 08:05 - 2016-12-09 01:21 - 04746752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-12-15 08:05 - 2016-12-09 01:21 - 03616768 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2016-12-15 08:05 - 2016-12-09 01:21 - 01512960 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2016-12-15 08:05 - 2016-12-09 01:21 - 00716800 _____ (Microsoft Corporation) C:\WINDOWS\system32\ShareHost.dll
2016-12-15 08:05 - 2016-12-09 01:20 - 06044160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2016-12-15 08:05 - 2016-12-09 01:20 - 03198464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cdp.dll
2016-12-15 08:05 - 2016-12-09 01:20 - 00730624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2016-12-15 08:05 - 2016-12-09 01:20 - 00187392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mdmregistration.dll
2016-12-15 08:05 - 2016-12-09 01:20 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2016-12-15 08:05 - 2016-12-09 01:19 - 01121280 _____ (Microsoft Corporation) C:\WINDOWS\system32\aadtb.dll
2016-12-15 08:05 - 2016-12-09 01:19 - 00433664 _____ (Microsoft Corporation) C:\WINDOWS\system32\TextInputFramework.dll
2016-12-15 08:05 - 2016-12-09 01:19 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Core.TextInput.dll
2016-12-15 08:05 - 2016-12-09 01:19 - 00119296 _____ (Microsoft Corporation) C:\WINDOWS\system32\InputLocaleManager.dll
2016-12-15 08:05 - 2016-12-09 01:19 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\EditBufferTestHook.dll
2016-12-15 08:05 - 2016-12-09 01:18 - 03666432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-12-15 08:05 - 2016-12-09 01:18 - 02138112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputService.dll
2016-12-15 08:05 - 2016-12-09 01:18 - 00165376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mdmregistration.dll
2016-12-15 08:05 - 2016-12-09 01:17 - 04978176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d12warp.dll
2016-12-15 08:05 - 2016-12-09 01:17 - 00886272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aadtb.dll
2016-12-15 08:05 - 2016-12-09 01:17 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ShareHost.dll
2016-12-15 08:05 - 2016-12-09 01:16 - 02998272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2016-12-15 08:05 - 2016-12-09 01:16 - 01880576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Logon.dll
2016-12-15 08:05 - 2016-12-09 01:16 - 00353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TextInputFramework.dll
2016-12-15 08:05 - 2016-12-09 01:15 - 00206848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Core.TextInput.dll
2016-12-15 08:05 - 2016-12-09 01:15 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\InputLocaleManager.dll
2016-12-15 08:05 - 2016-12-09 01:15 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EditBufferTestHook.dll
2016-12-15 08:05 - 2016-12-09 00:54 - 00483840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CoreMessaging.dll
2016-12-14 19:47 - 2016-12-14 19:47 - 00066461 _____ C:\Users\sytro\Desktop\_README_10KWUL3O_.hta
2016-12-14 19:14 - 2016-12-14 19:14 - 00066461 _____ C:\Users\sytro\_README_0MXA4I_.hta
2016-12-14 19:01 - 2016-12-14 19:01 - 00066461 _____ C:\Users\sytro\Downloads\_README_4YDMC5P_.hta
2016-12-14 18:49 - 2016-12-14 18:49 - 00066461 _____ C:\Users\sytro\Documents\_README_2KQU_.hta
2016-12-11 19:15 - 2016-12-11 19:16 - 00000000 ____D C:\Users\sytro\AppData\Local\FileZilla
2016-12-11 19:14 - 2016-12-11 19:15 - 06880664 _____ (Tim Kosse) C:\Users\sytro\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-09 11:45 - 2016-12-09 11:45 - 00000000 ____D C:\Users\sytro\AppData\Roaming\NVIDIA
2016-12-09 08:30 - 2016-11-11 02:22 - 00590960 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2016-12-09 08:30 - 2016-11-11 02:15 - 00198856 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscapi.dll
2016-12-09 08:30 - 2016-11-11 02:14 - 02482280 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2016-12-09 08:30 - 2016-11-11 02:14 - 02186896 _____ (Microsoft Corporation) C:\WINDOWS\system32\hevcdecoder.dll
2016-12-09 08:30 - 2016-11-11 02:14 - 00603488 _____ (Microsoft Corporation) C:\WINDOWS\system32\ContentDeliveryManager.Utilities.dll
2016-12-09 08:30 - 2016-11-11 02:13 - 01886344 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-12-09 08:30 - 2016-11-11 02:13 - 00352096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fastfat.sys
2016-12-09 08:30 - 2016-11-11 02:12 - 00128352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\partmgr.sys
2016-12-09 08:30 - 2016-11-11 02:03 - 01069720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MrmCoreR.dll
2016-12-09 08:30 - 2016-11-11 02:03 - 00266544 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2016-12-09 08:30 - 2016-11-11 02:02 - 02828376 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2016-12-09 08:30 - 2016-11-11 02:02 - 00360040 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsAdminFlows.exe
2016-12-09 08:30 - 2016-11-11 02:01 - 01859264 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2016-12-09 08:30 - 2016-11-11 02:01 - 00637400 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2016-12-09 08:30 - 2016-11-11 01:57 - 22224480 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2016-12-09 08:30 - 2016-11-11 01:56 - 00534096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2016-12-09 08:30 - 2016-11-11 01:56 - 00424616 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2016-12-09 08:30 - 2016-11-11 01:56 - 00418952 _____ (Microsoft Corporation) C:\WINDOWS\system32\AUDIOKSE.dll
2016-12-09 08:30 - 2016-11-11 01:56 - 00163752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RTWorkQ.dll
2016-12-09 08:30 - 2016-11-11 01:51 - 00454592 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2016-12-09 08:30 - 2016-11-11 01:31 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXTaskFactory.dll
2016-12-09 08:30 - 2016-11-11 01:29 - 01631232 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.Resources.dll
2016-12-09 08:30 - 2016-11-11 01:26 - 00258560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\xboxgip.sys
2016-12-09 08:30 - 2016-11-11 01:26 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseModernAppMgmtCSP.dll
2016-12-09 08:30 - 2016-11-11 01:26 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReportingCSP.dll
2016-12-09 08:30 - 2016-11-11 01:25 - 00147968 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmcertinst.exe
2016-12-09 08:30 - 2016-11-11 01:25 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2016-12-09 08:30 - 2016-11-11 01:25 - 00073216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryBroker.dll
2016-12-09 08:30 - 2016-11-11 01:24 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepositoryClient.dll
2016-12-09 08:30 - 2016-11-11 01:24 - 00110080 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.BackgroundManagerPolicy.dll
2016-12-09 08:30 - 2016-11-11 01:24 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\browserbroker.dll
2016-12-09 08:30 - 2016-11-11 01:23 - 00409088 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2016-12-09 08:30 - 2016-11-11 01:23 - 00058880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Shell.Search.UriHandler.dll
2016-12-09 08:30 - 2016-11-11 01:23 - 00041472 _____ (Microsoft Corporation) C:\WINDOWS\system32\EAMProgressHandler.dll
2016-12-09 08:30 - 2016-11-11 01:22 - 00211968 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgent.exe
2016-12-09 08:30 - 2016-11-11 01:22 - 00143360 _____ (Microsoft Corporation) C:\WINDOWS\system32\EDPCleanup.exe
2016-12-09 08:30 - 2016-11-11 01:21 - 00748544 _____ (Microsoft Corporation) C:\WINDOWS\system32\StoreAgent.dll
2016-12-09 08:30 - 2016-11-11 01:21 - 00379392 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2016-12-09 08:30 - 2016-11-11 01:21 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\system32\domgmt.dll
2016-12-09 08:30 - 2016-11-11 01:20 - 00641024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2016-12-09 08:30 - 2016-11-11 01:20 - 00574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2016-12-09 08:30 - 2016-11-11 01:20 - 00407552 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Management.dll
2016-12-09 08:30 - 2016-11-11 01:20 - 00260608 _____ (Microsoft Corporation) C:\WINDOWS\system32\InstallAgentUserBroker.exe
2016-12-09 08:30 - 2016-11-11 01:20 - 00176128 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2016-12-09 08:30 - 2016-11-11 01:19 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2016-12-09 08:30 - 2016-11-11 01:19 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFolder.dll
2016-12-09 08:30 - 2016-11-11 01:19 - 00320000 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2016-12-09 08:30 - 2016-11-11 01:19 - 00285696 _____ (Microsoft Corporation) C:\WINDOWS\system32\EnterpriseAppMgmtSvc.dll
2016-12-09 08:30 - 2016-11-11 01:18 - 17188352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2016-12-09 08:30 - 2016-11-11 01:18 - 02084352 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceFlows.DataModel.dll
2016-12-09 08:30 - 2016-11-11 01:18 - 00967168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2016-12-09 08:30 - 2016-11-11 01:18 - 00278016 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2016-12-09 08:30 - 2016-11-11 01:16 - 00560128 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppReadiness.dll
2016-12-09 08:30 - 2016-11-11 01:16 - 00184832 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2016-12-09 08:30 - 2016-11-11 01:14 - 02104320 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidsvc.dll
2016-12-09 08:30 - 2016-11-11 01:14 - 00615424 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2016-12-09 08:30 - 2016-11-11 01:13 - 00306176 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdtcuiu.dll
2016-12-09 08:30 - 2016-11-11 01:11 - 00942080 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2016-12-09 08:30 - 2016-11-11 01:11 - 00337920 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2016-12-09 08:30 - 2016-11-11 01:08 - 00539136 _____ (Microsoft Corporation) C:\WINDOWS\system32\PlayToManager.dll
2016-12-09 08:30 - 2016-11-11 01:07 - 02510848 _____ (Microsoft Corporation) C:\WINDOWS\system32\NetworkMobileSettings.dll
2016-12-09 08:30 - 2016-11-11 01:07 - 00347648 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascustom.dll
2016-12-09 08:30 - 2016-11-11 01:06 - 00650752 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDXService.dll
2016-12-09 08:30 - 2016-11-11 01:05 - 04136448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.StateRepository.dll
2016-12-09 08:30 - 2016-11-11 01:05 - 02852864 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettingsThresholdAdminFlowUI.dll
2016-12-09 08:30 - 2016-11-11 01:04 - 02800128 _____ (Microsoft Corporation) C:\WINDOWS\system32\netshell.dll
2016-12-09 08:30 - 2016-11-11 01:04 - 01359360 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2016-12-09 08:30 - 2016-11-11 01:04 - 01232384 _____ (Microsoft Corporation) C:\WINDOWS\system32\dosvc.dll
2016-12-09 08:30 - 2016-11-11 01:04 - 00909312 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Search.dll
2016-12-09 08:30 - 2016-11-11 01:04 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmenrollengine.dll
2016-12-09 08:30 - 2016-11-11 01:03 - 00842240 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntshrui.dll
2016-12-09 08:30 - 2016-11-11 01:02 - 03542016 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2016-12-09 08:30 - 2016-11-11 00:39 - 00484584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2016-12-09 08:30 - 2016-11-10 23:49 - 00263472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2016-12-09 08:30 - 2016-11-10 23:48 - 02277248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2016-12-09 08:30 - 2016-11-10 23:47 - 00527880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2016-12-09 08:30 - 2016-11-10 23:42 - 03892864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-12-09 08:30 - 2016-11-10 23:42 - 01123912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2016-12-09 08:30 - 2016-11-10 23:42 - 00952416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-12-09 08:30 - 2016-11-10 23:42 - 00382784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AUDIOKSE.dll
2016-12-09 08:30 - 2016-11-10 23:42 - 00152416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RTWorkQ.dll
2016-12-09 08:30 - 2016-11-10 23:42 - 00091936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfaudiocnv.dll
2016-12-09 08:30 - 2016-11-10 23:41 - 00157536 _____ (Microsoft Corporation)

#3 Juliet

Juliet

    Advanced Member

  • Trusted Malware Techs
  • 23,186 posts
  • Gender:Female


Posted 29 December 2016 - 10:33 PM

Hate to leave you hanging here but I need to ask a question.

When trouble started, at one time did you receive an alert or some kind of note that your files had been encrypted?

Any files that are encrypted with different versions of Ransomware, the newest variants, will be renamed (encrypted) with random characters and have a random 4 to 10+ digit extension appended to the end of the encrypted data filename and leave files (ransom notes) named README.hta.
 
edit *12-30-2016
OK, found your first post

 

https://forums.pcpit...and-corruption/
I have been infected with a virus that corrupts any and every type of data file on my system by changing the data within the file and then changing the name of the files to a random character name with a file extension *.a1e1. (AeIgtRb^4#M.A1E1)



Located in your logs I did find
C:\Users\sytro\Desktop\_README_10KWUL3O_.hta
2016-12-14 19:14 - 2016-12-14 19:14 - 00066461 _____ C:\Users\sytro\_README_0MXA4I_.hta
2016-12-14 19:01 - 2016-12-14 19:01 - 00066461 _____ C:\Users\sytro\Downloads\_README_4YDMC5P_.hta
2016-12-14 18:49 - 2016-12-14 18:49 - 00066461 _____ C:\Users\sytro\Documents\_README_2KQU_.hta

Looks like you've possibly been hit with Ransomware.

If you would, please read over the 2 below links
https://www.bleeping...variant-cerber/
https://answers.micr...8c-ffa39851bd0b


Edited by Juliet, 30 December 2016 - 07:48 AM.

Please do not PM me for HJT help, we all benefit from posting on the open board.
Want to help others? Join the ClassRoom and learn how.
MS - MVP Consumer Security 2009 - 2016, Windows Insider MVP 2017
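
The check described in the post above (spotting ransom notes named `_README_<random>_.hta` in the posted file listing), as an added example that is not part of the original thread. The sample lines are copied from the log earlier on this page; the function names and the note-name pattern are assumptions made for illustration.

```python
import ntpath
import re
from collections import namedtuple
from datetime import datetime

# One line of the file listing posted in this thread:
#   created - modified - size attrs [(company)] path
# The path must start with a drive letter, so a line that was cut off
# before its path (as the last log line on this page is) is rejected.
LINE_RE = re.compile(
    r"^(\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - (\d{4}-\d{2}-\d{2} \d{2}:\d{2}) - "
    r"(\d+) (\S{5}) (?:\(([^)]*)\) )?([A-Za-z]:\\.+)$"
)
# Assumed note-name pattern, taken from the four names seen in this log.
NOTE_RE = re.compile(r"^_README_[0-9A-Z]+_\.hta$", re.IGNORECASE)
STAMP = "%Y-%m-%d %H:%M"

Entry = namedtuple("Entry", "created modified size attrs company path")

# Lines copied from the listing on this page (not constructed).
SAMPLE_LOG = r"""
2016-12-15 13:36 - 2016-12-27 09:34 - 00003296 _____ C:\Users\sytro\Network_Meter_Data.js
2016-12-14 19:47 - 2016-12-14 19:47 - 00066461 _____ C:\Users\sytro\Desktop\_README_10KWUL3O_.hta
2016-12-14 19:14 - 2016-12-14 19:14 - 00066461 _____ C:\Users\sytro\_README_0MXA4I_.hta
2016-12-14 19:01 - 2016-12-14 19:01 - 00066461 _____ C:\Users\sytro\Downloads\_README_4YDMC5P_.hta
2016-12-14 18:49 - 2016-12-14 18:49 - 00066461 _____ C:\Users\sytro\Documents\_README_2KQU_.hta
2016-12-11 19:15 - 2016-12-11 19:16 - 00000000 ____D C:\Users\sytro\AppData\Local\FileZilla
2016-12-11 19:14 - 2016-12-11 19:15 - 06880664 _____ (Tim Kosse) C:\Users\sytro\Downloads\FileZilla_3.23.0.2_win64-setup.exe
2016-12-09 08:30 - 2016-11-10 23:41 - 00157536 _____ (Microsoft Corporation)
"""


def parse_line(line):
    """Return an Entry for a well-formed listing line, else None."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    created, modified, size, attrs, company, path = m.groups()
    return Entry(
        datetime.strptime(created, STAMP),
        datetime.strptime(modified, STAMP),
        int(size),
        attrs,
        company,
        path,
    )


def parse_log(text):
    """Parse every line of the listing, skipping blanks and damaged lines."""
    return [e for e in map(parse_line, text.splitlines()) if e is not None]


def find_ransom_notes(entries):
    """Files (not directories) whose name matches the ransom-note pattern."""
    return [
        e for e in entries
        if "D" not in e.attrs and NOTE_RE.match(ntpath.basename(e.path))
    ]


def summarize(notes):
    """Timeline and spread of the notes: when they first and last appeared,
    which folders hold them, and whether they all share one size (copies of
    the same template rather than unrelated files)."""
    if not notes:
        return {"count": 0, "first_seen": None, "last_seen": None,
                "directories": [], "sizes": [], "uniform_size": False}
    sizes = sorted({n.size for n in notes})
    return {
        "count": len(notes),
        "first_seen": min(n.created for n in notes),
        "last_seen": max(n.created for n in notes),
        "directories": sorted({ntpath.dirname(n.path) for n in notes}),
        "sizes": sizes,
        "uniform_size": len(sizes) == 1,
    }


if __name__ == "__main__":
    report = summarize(find_ransom_notes(parse_log(SAMPLE_LOG)))
    for key, value in report.items():
        print(f"{key}: {value}")
```

The earliest note timestamp gives a lower bound for when encryption was under way, which is the date to compare against backups and mail logs.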

#4 Morty-MSSE



Posted 31 December 2016 - 05:31 PM

Thanks for the info. After reading through the links and associated links I believe what you have described is exactly what I have contracted. Only in this case it came from a misdirected email from my email provider. I had contacted them and they agreed that it sounded like a problem and they were going to look into it but to no avail.

 

In the meantime all of the ransomware activity has come to a halt and I am having no more issues with it. I am however still cleaning my systems and have lost 1.5tb of data from the last 5 years. Oh well.

 

Thanks again, this helps a lot.



#5 Juliet



Posted 31 December 2016 - 11:10 PM

I am so sorry that all I could do was to deliver bad news.

Wish you all the best for the New Year.



#6 Juliet



Posted 05 January 2017 - 06:19 AM

Glad we could help. :)

Since this issue appears resolved ... this Topic is closed.



